Page 62 - Cyber Warnings
P. 62







In terms of education, companies must do more to formalise the security training they give
employees from the day they join the company, right through to when they leave. It doesn’t
matter what job level someone joins at. Everyone’s a risk, so everyone needs training.

And while training is hugely effective, humans are always human, and will be prone to making
mistakes. Technology, therefore, is essential in mopping up any errors that happen, and can
provide protection in two parts — restricting access (prevention) and networking monitoring
(cure).

Restricting access
And as prevention is always better than cure, companies need to do more to protect their
networks from hackers using compromised credentials. By restricting access to certain
workstations, geographies, times of day, or IT-approved employee-owned devices, a hacker
can’t gain entry using a legitimate login because they’d be logging in from the wrong device, the
wrong location or at the wrong time of day. Restricting access in this way narrows the window of
opportunity for hackers.

Network monitoring
But for those attackers who do end up logging in to a corporate network — perhaps they stole
an employee’s device or broke into your office — effective network monitoring and file
monitoring can mitigate any damage. Autonomous monitoring can pick up on suspicious
network activity quickly, and alert an administrator before a hacker has a chance to steal any
information or snoop around. To use an analogy, it’s akin to catching a burglar mid act and tying
them up before the police arrive.

Crucially, both of these kinds of technologies would’ve prevented the high-profile attacks on
Anthem, Sony, eBay, Dropbox and Sage — and both would help small businesses to keep their
sensitive data safe. And in a world where cybersecurity skills are lacking, it’s the least
companies can do to get through troubled times.

About the Author

François Amigorena is the founder and CEO of IS Decisions, and an expert
commentator on insider threat issues.

IS Decisions is a provider of infrastructure and security management software
solutions for Microsoft Windows and Active Directory. The company offers
solutions for user-access control, file auditing, server and desktop reporting,
and remote installations.

Its customers include the FBI, the US Air Force, the United Nations and Barclays — each of
which rely on IS Decisions to prevent security breaches; ensure compliance with major
regulations; such as SOX and FISMA; quickly respond to IT emergencies; and save time and
money for the IT department.


62 Cyber Warnings E-Magazine – March 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide

   57   58   59   60   61   62   63   64   65   66   67