Most organizations understand the rising threat of cybercrime. Yet, it can take over 200 days for some to detect a breach, let alone respond to it. So much time not only adds to the breach’s damage but also gives cybercriminals a chance to elevate privileges or laterally move to other systems and exfiltrate the information they need. Once they have it, they may sell it to others.
If an organization can’t tell when a breach may have occurred, they’re in an even more vulnerable position. Here are 7 steps to cyber crime prevention in your business.
Step 1: Education and Awareness
Employees are a top target for cybercriminals, but with proper technology and training, they can help strengthen security. Your company culture should be focused on cyber defense and awareness that puts employees in a strong position to identify suspicious activities and report them.
This can be done by training them to:
- Be vigilant online
- Report suspicious emails with hyperlinks or attachments from unknown sources
- Identify and report suspicious applications
- Avoid clicking on ads or links from unknown sources
- Limit activities on insecure Wi-Fi networks
Having employees at the forefront can help you catch a breach early before it becomes a big problem. Employees also gain vital skills to protect their own personal data outside of the office and even their friends and family.
This isn’t to say that all employees need to become cybersecurity professionals. Simply understanding and having awareness of common traps that attackers use will help keep the organization safe.
Step 2: Implement and Enforce App Security
Apps can be a risk to cyber security. Apps that seem innocent can expose your organization to a lot of data risk, including sensitive business and customer data, which needs to be protected from unauthorized users.
Many apps may have security controls in place, but users need to take responsibility for their own activities.
The risks may include:
- Transmitting data without encryption
- Using inadequate authentication and authorization checks
- Leaking data that could be read by other malicious sources
- Vulnerable APIs that expose sensitive data
There are many steps you can take to improve app security:
- Reducing sensitive information that’s stored in the app
- Using certificate pinning to limit intermediary attacks
- Implementing data security guidelines for app use
- Limiting app permissions
- Never saving passwords on an app
- Enforcing session logouts
- Enhancing security with multi-factor authentication
- Continually assessing the risks of apps and monitoring for security updates
Step 3: Analyze Logs for Suspicious Behaviour
Security logs offer a lot of details to help you identify a possible breach or unusual activity. Analyze the security logs regularly to discover unusual activities, such as logins that occur outside of normal business hours, to identify possible malicious hacker activities. If a breach does occur, these logs can be valuable for determining the cause.
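One way to automate the off-hours check described above, as an added example that is not from the original article: a short Python script that flags successful SSH logins outside business hours. The log lines are constructed samples, and the Monday-to-Friday 08:00-18:00 window and the ISO 8601-timestamped sshd line format are assumptions.

```python
import re
from datetime import datetime, time

# Assumed policy: business hours are Mon-Fri, 08:00-18:00, in the log's own timezone.
WORK_START, WORK_END = time(8, 0), time(18, 0)
WORK_DAYS = range(0, 5)  # Monday=0 .. Friday=4

# Matches successful sshd logins in syslog lines that carry an ISO 8601 timestamp.
LOGIN_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<src>\S+) port \d+"
)

def off_hours_logins(lines):
    """Return (timestamp, user, source) for successful logins outside business hours."""
    findings = []
    for line in lines:
        m = LOGIN_RE.match(line)
        if not m:
            continue  # failed logins and unrelated lines are out of scope here
        try:
            ts = datetime.fromisoformat(m["ts"])
        except ValueError:
            continue  # skip lines whose timestamp cannot be parsed
        in_hours = ts.weekday() in WORK_DAYS and WORK_START <= ts.time() < WORK_END
        if not in_hours:
            findings.append((ts.isoformat(), m["user"], m["src"]))
    return findings

# Constructed sample lines (documentation IP ranges, made-up users and hosts).
SAMPLE_LOG = [
    "2024-03-04T09:15:02+00:00 host1 sshd[1201]: Accepted password for alice from 198.51.100.7 port 50022 ssh2",
    "2024-03-04T23:47:10+00:00 host1 sshd[1309]: Accepted publickey for svc_backup from 198.51.100.9 port 50111 ssh2",
    "2024-03-05T02:13:44+00:00 host1 sshd[1422]: Failed password for bob from 203.0.113.50 port 40100 ssh2",
    "2024-03-09T11:30:00+00:00 host1 sshd[1500]: Accepted password for bob from 198.51.100.8 port 50200 ssh2",
    "not-a-date host1 sshd[1600]: Accepted password for carol from 198.51.100.10 port 50300 ssh2",
]

if __name__ == "__main__":
    for ts, user, src in off_hours_logins(SAMPLE_LOG):
        print(f"off-hours login: {user} from {src} at {ts}")
```

A flagged login is a lead to review, not proof of compromise: scheduled service accounts and on-call staff will appear here and should be baselined before alerting on the output.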
Step 4: Keep Systems Patched and Up-to-Date
All systems and applications require patches to identify and correct vulnerabilities in the software that could create weak points. Keep up with patches to prevent malicious hackers from exploiting the systems.
In addition, regular patches can fix bugs, enhance features, and ensure that apps function as they should. You can’t practice cyber crime prevention with patches alone, but they can make it more difficult for attackers.
Step 5: Use Strong Passwords and Protect Privileged Accounts
Passwords are always a weakness for organizations. Employees should be trained and required to use strong passwords and change them often. In addition, applications don’t always send an alert that it’s time to change a password or if a password is weak.
Employees with multiple accounts and reused passwords are at a greater risk of a breach. Implement an enterprise password and account vault to maintain credentials throughout your organization. Help employees move passwords into the background by using a password manager that will auto-generate strong, complex, unique passwords for each account.
The same is true of privileged accounts. Employees with privileged access can create vulnerabilities for the whole network. One compromised account gives an attacker the freedom to move about the network unencumbered. Make sure to identify privileged accounts and applications, revoke rights as needed, and enforce multi-factor authentication everywhere.
Step 6: Don’t Allow Installation of Unapproved or Untrusted Applications
Privileged access gives users the option to install and execute applications without authorization or verifying the application’s reputation, presenting weak points. Ransomware or malware can be used to infect a system, allowing a malicious hacker to install tools providing them persistent access.
Simple errors, such as reading an email, clicking on the wrong link, or downloading the wrong document can give the malicious hacker what they need to install devices, undetected. The attacker then has control to launch future attacks and obtain sensitive information that can be damaging to the organization.
Step 7: Be Deceptive
Criminals of all types thrive on predictability and routine, including attackers and malicious hackers. Think of a burglar staking out a house. They look for homeowners with strict routines to ensure that they have a good window of time to get in and out. An attacker takes the same approach, only with scans, patches, and automated tasks, which they can track to learn the best time to strike.
Don’t run scans or patches on the same day of the month. Keep your movements unpredictable with an as-needed and random approach. The more you can keep an attacker on their toes, the fewer opportunities they’ll have to attack. In addition, this prevents a malicious hacker from hiding out in the system for too long.
Cyber Crime Prevention: Develop a Robust Cyber Security Protocol
Organizations always face the threat of cybercrime, whether large or small. The increasing adoption of technology only heightens the risk, and that’s not going to slow down any time soon. Organizations should take a proactive approach to protect themselves from cyber threats. When a breach does occur, these cyber crime prevention measures can help with detection and mitigation to avert a catastrophe.
Joseph Carson is a cybersecurity professional with more than 25 years’ experience in enterprise security and infrastructure. Currently, Carson is the Chief Security Scientist & Advisory CISO at Delinea. He is an active member of the cybersecurity community and a Certified Information Systems Security Professional (CISSP). Carson is also a cybersecurity adviser to several governments, critical infrastructure organizations, and financial and transportation industries, and speaks at conferences globally.