fbpx

Our third and final speaker at our “Protecting Your Business” seminar was Rob Garbee from the Roanoke Information Security Exchange (RISE). He spoke about cyber security – a topic that is so important but often neglected.

According to Keeper Security’s “The State of SMB Cybersecurity,” 50% of small and midsized organizations reported suffering at least one cyber attack in the last 12 months.

Rob created RISE because he is passionate about educating the local community on how to secure their online life.  Rob’s presentation included statistics and information from the SANS Institute Top CIS Critical Security Controls –there are 20 in total; however, he concentrated on the top five.

According to Rob, the top 5 will prevent or stop 85%-90% of attacks.

What is a CIS Critical Security Control?

A set of actions recommended for cyber defense that provide specific ways to stop today’s most dangerous attacks.

What are the top five Critical Security Controls?

CSC 1: Inventory of Authorized and Unauthorized Devices

Businesses should be actively managing inventory, tracking, and correcting all hardware devices (hardware meaning the computers, workstations, phones, printers, fax machines, IPads, projectors, etc.) on your network so that only the authorized devices are provided with access to information. This helps track unauthorized devices and denies them access to the network.

CSC 2: Inventory of Authorized and Unauthorized Software

Similar to CSC 1, this control is in reference to the software on your network instead of hardware. It is important for businesses to keep inventory of the software (meaning the various programs used to operate computers and related devices) on the network to know what is authorized and unauthorized. It is also important to regulate software downloads at your business –poorly controlled machines are more likely to be running unnecessary programs making you more vulnerable to cyber attacks.

CSC 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

Implement and test an automated configuration monitoring system that will detect new administrative users, changes to groups, and new services running on a system.

CSC 4: Continuous Vulnerability Assessment and Remediation

Plain and simple – attackers like vulnerable systems. Run scanning tools on a frequent basis to test your businesses vulnerability on all systems of the network to reduce risk of attacks.  If you find a weak link, make it a priority to fix it.

CSC 5: Controlled Use of Administrative Privileges

Minimize administrative privileges and only use administrative accounts when they are required. Always monitor for irregular behavior on administrative accounts.

Cyber attacks are a serious threat that can bring devastating loss to your company finances and reputation. For example:

  • The United States Department of Justice reported a breach in 2016 where attackers released data on 10,000 Department of Homeland Security employees and released data on 20,000 FBI employees. The information released included names, titles, phone numbers, and email addresses.
  • Yahoo experienced a data breach in 2016 that affected over 500 million user accounts—information such as user names, email addresses, phone numbers, social security numbers, and dates of birth were obtained.
  • The Home Depot reported that 56 million credit cards had been compromised in an attack that ran from April through September of 2014 and affected stores in the United States and Canada. The estimated cost of this breach was $62 million dollars.

Many businesses are not aware that there is insurance available to protect your business from such devastation. Do not wait until an attack happens, be proactive and talk to an independent insurance adviser about what options are available for your business to protect itself from cyber crimes.

 

 

Sources:

https://roanokeinfosec.com/

https://www.welivesecurity.com/2016/12/30/biggest-security-incidents-2016/

https://www.nytimes.com/interactive/2015/02/05/technology/recent-cyberattacks.html