Human Error and Cybersecurity: 4 Ways to Mitigate the Risk

05/10/2017 09:18 am ET

By Andrew Vest

We are fighting a cyber war right now, and humans who make mistakes often unwittingly create opportunities for cyberhackers to exploit.

Over the past several years, I’ve developed a healthy appreciation for the importance of keeping highly sensitive data secure. In my entrepreneurial ventures, I’ve had a personal stake in keeping my own intellectual property safe from cybercriminals. In my professional life, particularly over the past few years, I’ve talked virtually every day with CTOs and CISOs whose biggest concerns and challenges have been keeping their systems safe.   

Before my current job, I worked in cloud services selling companies on their cloud, security, or dev maturity model. It never failed: During the sales process, IT leaders would raise their security concerns. As a result, I became so passionate about the need for security that I joined a startup that specializes in Moving Target Defense (MTD), a new approach that helps fight the war on hackers and helps keep company data safe, even when people make mistakes.

Cybersecurity experts, including the FBI and cybersecurity professionals from around the world, confirm the biggest weakness in cybersecurity is human error. In fact, IBM revealed in its latest Cyber Security Intelligence Index that an astonishing 95 percent of all security incidents involve human error, from following links to phishing scams to visiting bad websites, enabling viruses and falling victim to other advanced persistent threats.

This same report discusses the additional problem of skilled, trustworthy system and network administrators unknowingly causing security vulnerabilities by creating system misconfigurations, using default names and passwords, following bad patch management practices and more.

While this may sound scary, there are steps IT departments can take to prevent human error from becoming a major liability in securing their computer systems.

Step Up to the Plate

IT leaders must take the initiative to train everyone in the company about cybercrime and how to identify and report any suspected attempts. Educate employees about the threats we face in today’s technological workplace, how to identify suspicious communications and tactics, how to detect internal threats, and what to do if a cybersecurity threat is suspected.

Help Them Help You

Warn employees against making these common mistakes:

  • Discussing sensitive information with “clients” without verifying their identity
  • Failing to report a lost smartphone, tablet or laptop
  • Leaving documents containing sensitive information on desks
  • Using (and losing) unencrypted USB drives
  • Sending unsecure emails
  • Sharing passwords
  • Using the same password for all apps
  • Using obvious passwords (e.g. “Password”, birth date, children’s names, “123abc”, etc.)
  • Storing passwords within reach of the computer
  • Failing to report suspected illegal activity

Don’t Talk to Strangers

We’ve all received an email that appears to be from a reliable source, yet it isn’t. These “spear phishing” messages contain malicious links or attachments that can cause a virus, or malware, to be downloaded. If opened, this can grant attackers access to valuable information, including intellectual property and highly personal data. If an email or a link seems suspicious, teach employees not to open it, but rather to alert your department.

Adopt Moving Target Defense

Even if you take all the possible precautions to avoid human error, it’s inevitable. So, if hackers do gain access to your infrastructure or applications, is it vulnerable? Absolutely, if you currently have a static system, because you’re giving them enough time to play within the system, learn your code and potentially crack it. But if you’ve armed your infrastructure with a Moving Target Defense strategy, you’ve still got the advantage.

Adopting MTD enables you to obliterate both the attack strategies and economic incentives of cyberhackers with a triple defense:

  • Binary Scrambling: This is a deliberate scrambling of the zeroes and ones of the code. Some companies that specialize in MTD even have the technology to scramble the binary code as often as every five seconds, so if someone were to gain access, they’d have mere seconds before the code changes and they’re locked out again.
  • Microservices Firewall: Rather than separating apps into tiers and securing just the tier borders, MTD protects each individual microservice.
  • Rapid Cycling: This is continuous remediation, involving wiping and reloading systems very quickly. The right cybersecurity company can even perform this task within a quarter of a second, every five seconds. Now that’s a moving target.

--

Andrew Vest is an entrepreneur to his core. He’s passionate about building products and connections that people find useful. Andrew is also Director Commercial Sales at Polyverse: Container Based Cybersecurity Platform. Outside of work, he loves spending time with his family, coaching his sons’ little league, hiking, biking, fishing and pretty much everything else outdoors.

This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.