What is an IT Security vulnerability?
Everyone is telling me I may have an IT security vulnerability, that my IT systems could be vulnerable, but what does this really mean?
Because IT environments can become quite complex and large it can be difficult to understand. The simple answer is that a vulnerability is a weak point in your IT system that can be made to do something unintended. Take your home for example, if you don't correctly maintain your front door it may become weak - you can go out and lock it but the door could be broken to gain entry. The weakness in the front door could be exploited; your home security is compromised; your home is vulnerable to attack.
What is an example of an IT security vulnerability?
A computer that connects to the internet which is not kept up to date with the latest security updates would be a vulnerability. As security weaknesses are found within the operating systems or software, updates (patches) are released to resolve the problem. You should then receive notification of the patch and apply to your IT systems; if you do not apply updates these weaknesses will remain, and those systems left vulnerable.
Why are there weaknesses within the operating system or software on your computer?
Consider the legal process, where some simple principles (liberty, honesty, free speech, etc) give rise to very detailed laws to cover specific situations. Enterprising individuals can find legal 'loopholes' - misbehaving but not actually breaking the law. Computer code is similar, a complex system with loopholes allowing unintended consequences.
IT security is the process of identifying these loopholes and closing them. It is one side of a continued battle between the good guys and the bad. If the bad guys find an area of code that gives them background access to a computer, the good guys will release an update (patch) to update the code to block this.
Types of IT security threats
What are the common IT security threats?
1. Phishing attacks
Your staff is one of the biggest IT Security vulnerabilities in your business! Attackers communicate with your staff, often by email, to trick them into supplying their details such as usernames and passwords or installing malicious software. Attackers sometimes research and gather information about target organisations to make the approach seem more genuine. These attacks are getting more common and more complex.
Ransomware comes in a few forms, the most common encrypts data on computers and networks so you are unable to access your files. The bad actor often demands money to decrypt your files. This can be crippling to companies.
3. Password Attacks
This is easiest to understand but is historically hard to stop.
Password attacks are when the bad actor - often using automated systems (bots) in a network (botnet) - attempt many different passwords (brute force) against your username until they get a successful login. This is happening 24/7 and we cannot stop it. Unfortunately, many of your platforms are on the open internet meaning anything can try and sign in as you.
How to prevent IT security threats?
How to prevent phishing attacks
The biggest defence against these attacks is staff awareness and vigilance. Trained staff are better prepared to validate communications - phone, chat, email - to look out for the signs of suspicious behaviour.
As a technical safeguard, email filters can be put into place to scan emails before they arrive. They are a very effective protection mechanism but are never 100% effective. Malicious emails are often very cleverly written, and deliberately constructed to fool filters, so should not be relied on alone.
How to avoid ransomware
Protection software is used to guard your system against attacks such as ransomware. Historically known as antivirus, protection software has now evolved into Endpoint Detection and Response (EDR). EDR software looks for signs of ‘suspicious’ behaviour on your system and quickly attempts to stop the attack or minimise the impact.
Ensure you have selected protection software that has the latest technology to fight against ransomware and keep it up to date. Of course, this is just part of a suite of defences, which also includes a comprehensive system of backups and patch management.
How to prevent password attacks
Always use strong passwords, not your username with 123 at the end! Do not reuse the same password on different accounts - use a unique password every time. Otherwise, once one account is hacked, all your accounts are hacked. Enable and set up two-factor authentication (2FA), this is a strong method to protect against password attacks. 2FA requires you to enter a code from a device only you have access to. Even if the password is known, an attacker would need your mobile phone for the code the log in to your account.
IT security vulnerability management
How to assess IT security threats in an organization
Protection software can give reports on its effectiveness, and this can be used as part of an analysis of the protection being afforded. To analyse the threats throughout an organisation, all aspects of the operation must be considered - not just the computers themselves. One technique, and widely used in security standards, is based on a security risk assessment. This process involves a team to analyse all of their systems, processes and facilities to identify risk areas, the existing prevention measures, and the impact of not addressing the risk. The process may be led by an expert to ask key penetrating questions.
How do you manage cyber security threats?
Once the security risks, existing measures, and impact of a breach have been established, they can be prioritised in order of severity. The team can consider further prevention measures, choosing perhaps to focus first on the most severe. Estimate the time and effort to undertake each or whether a change in working practice can reduce or eliminate the problem. Finally, a business decision can be made by senior managers, evaluating the risk and impact of an event against the time and effort needed to remediate.
Importance of IT security risk management
The importance is entirely dependent on the type of breach and associated implications, but generally cannot be overstated. IT systems are vulnerable to attackers all over the world, 24 hours a day, 365 days a year. Attackers are professional, skilled, and enterprising. There are alarming statistics for businesses that fold after a breach.
Can your business survive without access to key data? For how long? What about if your invoicing, stock control, ordering system or payroll records are deleted, what is the impact? How long can you operate? What would be the impact if your commercial secrets are leaked to the world? How would you manage if an attacker successfully masquerades as your chief exec, communicates with their contacts, and makes deals or transfers funds?
Therefore, you need to plan and protect your business, present a robust stance to cyber threats, and give your business the best chance to not be the next victim.
I need more help, what do I do next?
We have a wealth of experience in securing our clients’ systems and data against attack. We partner with businesses to understand their needs, plan and implement appropriate solutions. Our team of specialists use the latest security tools to keep you and your business safe.
We've got your back. Give us a call today.