Cyber security is, and always will be, an everchanging battlefield. This is especially true now, with the extended working from home capabilities that most companies are adhering to. Businesses are only ever as strong as their weakest link and, those links are harder to protect when they’re on the move.

I’m going to discuss the top trends in cyber security over 2021 and 2022, and how to defend your business against them.

1. Ransomware
   

   Ransomware is the most destructive cyber security incident that responders have to deal with – and, according to NCC Group, it’s been on the rise year after year. 2021 saw a 92.7% increase in reported attacks compared to the previous year with spikes during July and August; and, with easily accessible services such as RaaS, it’s no wonder why.

2. Phishing
   

   Another rising star in the cyber security space is phishing. Along with ransomware, phishing isn’t new to the scene but, it certainly is more threatening compared to the previous 2/3 years. Gone are the misaligned logos and addresses from [email protected], in are carefully crafted HTML documents with obfuscated links designed to exploit the natural trust you have in seeing a familiar logo.

3. Data Loss
   

   The term ‘data loss’ covers both data loss via deletion and overwriting but, also data leakage from either error or malevolence. DLP (data loss prevention) is just as important as any other part of cyber security – your company’s important documents should stay your company’s. One of the most common ways data gets incorrectly shared is by accident. For example, an employee shares a OneDrive folder that doesn’t have the correct permissions set and, suddenly an untrusted 3^rd party has more access than you’d like.

4. Insider Threats
   

   This category of threat covers not only disgruntled employees but so much more. These include:

• 3^rd party contractors with access to the backends’ of websites and CRMs
• ‘Second streamers’ – employees misusing the data they can access at work to make money on the side
• ‘Non-responders’ – those who do not respond to security training and therefore often fall victim to phishing attempts and the like

Solutions

Now, it’s all well and good to know what the threats are but, how do you keep your business secure from them in the long-term? I’ll outline solutions below but, it goes without saying that these require constant care and attention. None of these should be “set and forget“.

1. Patching
   

   Patching is the single most important part of securing your business’ technology fleet. You should have a clearly defined, out of hours schedule that includes what types of patches are being installed and the time period that the devices could/would be out of commission. As your user base gets larger, it becomes increasingly necessary to split these updates up so that the entire company won’t be out of action should something go awry.

2. EDR

   An advanced EDR (endpoint detection and response) will detect any malicious files and stop them before they’ve even executed; reducing the risk of ransomware, keyloggers, even malicious macros, along with most other tools that bad actors have used in the past. EDRs provide intense logging that will assist your helpdesk in ascertaining how the threat was able to make its way to the device in the first place.

3. MFA

   Before most of these threats even hit a device, they usually need to get through the user. MFA (multi-factor authentication) ensures that only authorised users are able to access company resources by ensuring they are who they are claiming to be. The best way to do this is via app-based notifications with push notifications disabled (see ‘MFA fatigue’, or ‘notification fatigue’)

4. User training

   Knowledge is power and, training your users to be able to discern a fake password reset email from a real security event is the difference between your users helping you keep your business secure and them inadvertently causing it harm.

If you have any questions about your business security, don’t hesitate to get in touch with the team today.

James is our Security Lead and you can connect with him on LinkedIn here.