Page 141 - Cyber Defense eMagazine July 2024
P. 141

Enlist fully encrypted communications

            Not all enterprises are created equal – some have robust security protections and networks while others
            are outdated  or weak to new-age  technology  like AI. While 77% of companies  worldwide  are using or
            exploring  the use  of  AI in  their  operations  (according  to  McKinsey),  an  EY 2024  study  found  78%  of
            people reported concerning feelings over AI causing an increase in cyberattacks. The best way to protect
            an enterprise today is to deploy the strongest encryption standards. This will protect sensitive data while
            it is in transit and at rest. When information is encrypted, it is turned into cipher text that can’t be read or
            used without a proper encryption key, rendering it completely useless to the bad actors who gain access
            to  it.  Using  encryption,  enterprises  can  ensure  private  information  doesn’t  land  in  the  hands  of
            unauthorized users.



            Eliminate data collection

            In  a  new  era  where  vulnerability  exploitation  tripled  in  the  last  year,  protecting  data,  the  one  thing
            attackers are after, is essential. In short, hackers aren’t attracted to systems that don’t have data stored
            on them. Therefore, one of the best ways to minimize an enterprise’s risk of a cyberattack is to eliminate
            data  collection.  Make  sure  software  and  applications  being  used  throughout  the  organization  are  not
            collecting and storing data on network devices. Storing data on the Cloud can oftentimes be a safer route
            than storing data on individual devices.



            Protect BYOD Practices

            Following the pandemic, many enterprises adopted Bring Your Own Device practices to allow employees
            to work remotely. Although BYOD allows for more efficient operations, the practice lends itself to threats
            such as data theft, malware and lost or stolen devices.  In 2022, 43% of employees  experienced  work-
            related  phishing  attacks  on  their  personal  devices.  Therefore,  it  is critically  important  that  in allowing
            BYOD practices, IT leaders define what corporate data and assets are permitted on a BYOD device as
            well as which applications and software can be used when connected to company networks. Additionally,
            these  devices  must  be  equipped  with  end-to-end  encryption  protections  to  prevent  third  parties  from
            accessing data while it's transferred from one device to another.



            Enforce Cybersecurity  Training

             A study found that 74% of data breaches  involved the human element,  meaning employees  are often
            the epicenter of data breaches.  The best way to mitigate  this denominator  is to build a strong  security
            culture.  To do  this,  CISOs and  IT leaders  should  enforce  regular  cybersecurity  training  that educates
            employees  on  the  latest  threats  facing  their  organization.  Employees  should  know  how  to  identify  a
            potential attack, report it to leadership and what to do if they fell victim to a hack. CE
            O's






            Cyber Defense eMagazine – July 2024 Edition                                                                                                                                                                                                          141
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   136   137   138   139   140   141   142   143   144   145   146