Ensuring that hardware, software, applications and files are maintained in a safe and secure way should be central to the way every organization approaches cybersecurity. The problem is, the complexity of today’s highly connected technologies and the growing sophistication and volume of threats means that for many, just keeping up to date with basic ‘cyber hygiene’ essentials can be a challenge and therefore leaves the organization vulnerable to attack.
The ‘to do’ list is varied, but if your organization doesn’t regularly monitor and assess issues ranging from hardware and software updates, passwords and device encryption to backups and user training, it risks falling short on critical security responsibilities.
And this is more than good housekeeping – the consequences of poor cyber hygiene can be far reaching and have played a central role in the most widespread and damaging breaches in history, including the infamous SolarWinds attack.
As recently reported in media outlets such as SC Magazine, for instance, “The Cybersecurity and Infrastructure Security Agency confirmed . . that better cyber hygiene – specifically, blocking SolarWinds Orion servers from outbound internet traffic – might have helped prevent the supply chain attack.” However, security commentators have also highlighted that hygiene alone would not necessarily remove the threat, rather slow down and inconvenience attackers.
Taking pressure off employees to prevent cyber attacks
Many organizations also see cyber hygiene as an issue that mainly applies to their users, how they approach cybersecurity and the risks they inevitably bring. As a result, they put too much emphasis on ‘box ticking’ cybersecurity training, assuming it’s the best way to minimize the chances of a successful attack.
But as Glasswall’s CPO, and a cybersecurity veteran, Paul Farrington, explains, “There is always a place for promoting some level of cyber hygiene. By being diligent, we make successful breaches less likely. Increasingly though, attackers rely on predictable human behaviour to tip the odds of success in their favour”
He continues: “Organizations need to accept that minds can be hacked. Many of the attributes that make us unique, such as curiosity, or our ability to trust or even willingness to embrace routine, can mean that we are perfect participants in a game that is overwhelmingly stacked against us. We need to remove threats from the equation, before the decision to make an unwise choice is presented to the user. For example, most of us are perfectly willing to open an attachment or click a web link that appears to come from the CEO. The attacker has an unfair advantage in this scenario and will probably only be defeated if the threat is eliminated before the person chooses to trust the malicious content.”
“Organizations need to accept that minds can be hacked”
With file-based cybersecurity threats increasing faster than ever, traditional reactive detection-based security solutions – such as antivirus and sandboxing – simply can’t keep up. Threat elimination lies at the core of Glasswall’s Content Disarm and Reconstruction (CDR) solutions. Our approach proactively and instantaneously rebuilds files to a “known good” security standard, so customers benefit from safe, clean files that have been rebuilt to the manufacturer’s published specification, removing any places for malware to hide.
Let’s put this in context – approximately 1 in every 100,000 files contain malicious content, with 97% unknown to anti-virus solutions at the time it is removed by Glasswall. What’s more, it takes an average of 18 days for this malicious content to become known by detection-based anti-virus solutions after its removal by Glasswall. Meanwhile, sandboxing exposes organizations to risk from advanced malware and disrupts business productivity. A Fortune 1000 company often sees millions of files each day flow through its users. Potentially tens of files breach the last line of defence each day as traditional Endpoint Solution and Response are unable to remove the threats because they don’t have an adequate understanding of where novel malware hides in files.
To learn more about Glasswall CDR, click here.
