Over the past two years, we’ve witnessed some of the largest cyber-attacks in history. Some of these attacks have been very well publicised and are probably already familiar to you – Target, Home Depot, eBay, JP Morgan Chase, Sony Pictures, US Office of Personnel Management, Ashley Madison, and T-Mobile. However, with cyber security, one can never claim to have witnessed the largest attack, because a larger one may already be in progress.
With this in mind, I thought it would be prudent to look into some of these cyber-attacks and see what we can learn from them to help cyber security services detect future attacks before they even happen.
While it might seem that all cyber-attackers have the same objective, it is very important that the motive behind each attack is clearly understood. For example, a retail company is more likely to be hacked for access to its customers’ card information than it is for company information. Alternatively, if your organisation is a healthcare provider that handles both credit card information and health records, it is important to know that any cyber-attack is going to be aimed at gaining access to these, either separately or simultaneously. As such, when it comes to company and customer information, it is important to not only identify what information is at stake, but also what reasons cyber criminals may have for coming after it.
So taking this on board, here are my top three recommendations outlining what organisations need to do to in order to protect themselves from becoming the next victim of a very well publicised attack.
- Employee awareness and training: It is still not happening nearly enough
- Security checks and password power: Inadequate passwords leave you open to attack
- Third parties can compromise security: Make sure that you have the necessary security practices in place
Many well-known cyber-attacks can be traced to inadequate security controls, human error and deviations from set procedures, and so rigidly following established security practices can go a long way to ensuring that cyber attackers have a tough time breaching your organisation’s data. In today’s world of ever-increasing security threats, it is no longer a question of if, but when. The combination of strict adherence to security policies and procedures, as well as strong and reliable cyber security services and products, will help your organisation to stay secure and to carry on with business as usual, without worrying about whether your data and applications are about to be the next big hit.
By Isaac George, SVP and UK Regional Head, Happiest Minds