Category Archives: firewall

Breach and Attack Simulation: Find Vulnerabilities before the Bad Guys Do

Despite having deployed multiple solutions to create a defense in depth and having followed all the industry best practices, some of the very best IT security directors will confess that

The post Breach and Attack Simulation: Find Vulnerabilities before the Bad Guys Do appeared first on The Cyber Security Place.

SMB Security Best Practices: Why Smaller Businesses Face Bigger Risks

Data breaches that compromise hundreds of thousands — or millions — of records tend to grab the most headlines, but small- and medium-sized businesses (SMBs) are far from immune to cyberattacks.

SMB security is full of holes, and these vulnerabilities are often the most damaging, according to recent research. For example, Verizon’s “2018 Data Breach Investigations Report” found that about 58 percent of all data breaches target small businesses. In addition, 60 percent of SMBs hit with a data breach close within six months, according to Switchfast Technologies, even though more than half of all small business leaders don’t believe they’re targets.

Small Businesses Are Easy Targets

“Think your business is too small to be targeted by a hacker? Think again,” said Chris Stoneff, vice president of security solutions at secure remote access provider Bomgar. “If your business handles any financial information or valuable data about your customers, then guess what? You’re a target for cyberattacks.”

As large enterprises increasingly focus on improving cybersecurity, cybercriminals may take the path of least resistance.

“If that path is via a smaller business with tempting customers,” Stoneff added, “you better believe they will take the easy route.”

At the same time, many small businesses don’t have a lot of money to spend on cybersecurity. In fact, nearly half of all small businesses fail within five years, according to the U.S. Small Business Administration, and cash flow problems account for a huge number of those closures.

Why You Shouldn’t Skimp on SMB Security

Cybersecurity is not the place for SMBs to cut costs, said John Watkins, vice president and chief information officer (CIO) of inRsite IT Solutions, a cloud and security provider for SMBs.

“If you don’t take cybersecurity seriously, and one day you’re forced to pay $8,000 in bitcoin to — hopefully — unlock your QuickBooks data, just remember, you saved $500 by not getting a firewall,” Watkins quipped.

Clearly, small businesses — even those with razor-thin profit margins — shouldn’t skimp on their cybersecurity protections. But assuming budgets are tight, how can SMBs make the most of their spending?

Many cybersecurity experts still recommend the basics:

  • Use multifactor authentication to sign on to company devices.
  • Require strong passwords.
  • Deploy antivirus, antispyware and firewall protection.
  • Identify the sensitive data you hold and encrypt it.
  • Regularly update software.
  • Train employees on cybersecurity.

A business-grade firewall is one of the essential basics no SMB should ignore, Watkins said.

“No, the ISP modem is not good enough,” he said. “Just run a Google search on the model number of your modem and you’ll find 10 articles listing the default admin password for it.”

Building a Holistic Security Strategy

SMB cybersecurity efforts should focus on their people and processes, “coupled with the support of reliable, well-implemented tools and technologies,” said Chris Duvall, senior director at The Chertoff Group, a company that advises clients on security and risk management.

Beyond the basics, Duvall urged SMBs to consider a virtual private network (VPN) to protect traffic in and out of their networks and a password management tool to help employees store their credentials in a single, secure location. Small businesses should also look into commercial products that package a number of security tools, such as intrusion detection and prevention systems, together.

What to Look For in an MSSP

Managed security service providers (MSSPs) enable small businesses to outsource their cybersecurity protections for a monthly fee. MSSPs can be useful for a resource-strapped SMB, Duvall noted, “but using the right MSSP and ensuring regular and detailed communication is key.” He added that with managed service becoming a popular offering in the cybersecurity industry, some companies are “labeling themselves as MSSPs but are not capable of, or qualified to, manage the security of other organizations.” SMBs should do their homework and request a “proof-of-concept” period before signing an MSSP contract.

Mike Baker, founder and principal of managed cybersecurity provider Mosaic451, agreed that outsourced services can help SMBs fight off attackers. An SMB’s IT staff can “get bogged down by providing the basics — such as routine system monitoring, software upgrades, training on new systems and services, help desk support, and the seemingly endless number of meetings,” he said. The best way to find a managed service provider, then, is through word of mouth.

“It’s always better to go with an actual referral,” Baker said. “Go with someone you know. Go with someone that a peer knows.”

Online ratings, “random top-10 lists and whatnot are paid-for marketing,” he added. “Trust them at your peril.”

Why You Must Actively Manage Your Data

Watkins and other cybersecurity professionals also advised SMBs to frequently back up their data. A cloud service is a good way to make copies that are protected from direct attacks on the business. Ransomware remains a serious threat, and some network-attached storage device makers include software to encrypt and replicate a business’ data in the cloud.

SMBs should have at least three backups of their data, Watkins recommended.

“One of the most devastating things that can happen to an SMB is data loss,” he said. “Whether caused by lightning frying your PC or cryptoware infecting your server, data loss can literally bring a business to the brink of closure.”

Frequent backups, a managed security provider, a VPN, and a well-rounded package of antivirus and intrusion detection tools are among the protections SMBs should consider to better secure their data, but establishing these defenses is only the beginning. To sustain a successful enterprise security strategy, organizations must regularly audit the efficacy of each tool and team, establish a culture of security from the top down, and scale consistently through growth phases.

The post SMB Security Best Practices: Why Smaller Businesses Face Bigger Risks appeared first on Security Intelligence.

Pukka Firewall Lessons from Jamie Oliver

Pukka Firewall Lessons from Jamie Oliver

In our office I’m willing to bet that food is discussed on average three times a day. Monday mornings will be spent waxing lyrical about the culinary masterpiece we’ve managed to prepare over the weekend. Then at around 11 someone will say, “Where are we going for lunch?” Before going home that evening, maybe there’s a question about the latest eatery in town. 

I expect your office chit chat is not too dissimilar to ours, because food and what we do with it has skyrocketed in popularity over the past few years. Cookery programmes like Jamie Oliver's 30 minute meals, the Great British Bake-off and Masterchef have been a big influence. 

Our food obsession, however, might be putting us all at risk, and I don’t just mean from an expanded waistline. Cyber criminals appear to have turned their attention to the food industry, targeting Jamie Oliver’s website with malware. This is the second time that malware has been found on site. News originally broke back in February, and the problem was thought to have been resolved. Then, following a routine site inspection on the 13th of March, webmasters found that the malware had returned or had never actually been completely removed. 

It’s no surprise that cyber criminals have associated themselves with Jamie Oliver, since they’ve been leeching on pop culture and celebrities for years. Back in 2008, typing a star’s name into a search engine and straying away from the official sites was a sure fire way to get malware. Now it seems they’ve cut out the middleman, going straight to the source. This malware was planted directly onto JamieOliver.com.

Apart from bad press, Jamie Oliver has come away unscathed. Nobody has been seriously affected and the situation could have been much worse had the malware got into an organisational network. 

Even with no real damage there’s an important lesson to be learned. Keep your firewall up to date so it can identify nefarious code contained within web pages or applications. If such code tries to execute itself on your machine, a good firewall will identify this as malware.