The New Cyber Norm
Cyber Security Awareness Month Commences!
It’s the most wonderful time of the year… Cyber Security Awareness Month! In true Secure Sense fashion, we want to arm you, the people, with our top security knowledge, tips and tricks to keep your organization out of the headlines, and focused on what matters most, your business.
Each week this month will be dedicated to a new cyber security theme and you’ll have the opportunity to follow along on our blog and social media channels. So, grab a coffee, kick back and enjoy Week One.
Cyber Security Challenges in 2020
It feels like we say this every year (or every day!), but in today’s uncertain and ever-changing environment, cyber security is more critical than ever. One of the past year’s most notable developments is that so many organizations have shifted from the traditional office setting to remote work as an effort to stop the spread of the pandemic. This shift added challenges to already overburdened security teams, grappling with an expanded attack surface, increased attack activity, the potential for decreased or incomplete visibility, and overall higher event rates. While this has led to even more security measures being enforced, it’s no surprise that we’re also seeing a significant increase in security breaches originating with phishing emails designed to compromise endpoints and personal devices, acting as a gateway to get user credentials. According to Fintech News, phishing attempts alone have increased by 600% since February. Not only does this increase risk associated with difficult to mitigate vulnerabilities for most organizations, it also increases demands on the organization’s resources to respond to and remediate incidents.
The New Norm of Cyber Security
As 2020 brought on a global pandemic, an inevitable shift in cyber security became the norm. Many organizations had to act quickly to move their employees to work remotely, creating challenges as many IT teams and organizations were not prepared to take on this kind of task as quickly as the pandemic hit. Lack of infrastructure, proper cyber security training for employees, and the use of personal devices on unsecure networks while working from home are just a few of the issues organizations faced. The majority of the workforce is less and less restricted to secure corporate network environments architected to limit attack surface and layer security controls, and there has been a substantial migration to where “working from home” is the norm, and no longer the exception. Mass remote work enablement is a sudden reality for many decision makers and architects and there are new threats preying on this increased attack surface, using our fears and our urgency to maintain business processes against us.
Why is This More Important Now Than Ever Before?
In the corporate cybersecurity world, we know how crucial it is to be able to rapidly detect emerging and evolving threats. We understand the imperatives of best practices, the need for best-of-breed technology and the value of eyes on glass, watching and responding to what goes on in our environments and with our users. But Security is not just for companies, it starts and ends with individuals. We read and have blogged about the many statistics showing that the majority of breaches begin with an e-mail and/or an endpoint. Whether it’s poor choices when it comes to managing our passwords, not inspecting a link in a seemingly legitimate e-mail, not installing updates or a million other possible scams and mistakes, security awareness is not just for the experts and responders. Perhaps the best thing we can do to increase security is to do our part to spread good security basics to our employees, coworkers, friends, and families. But training and hygiene alone aren’t the only goal of security awareness. While our industry continues to grow based on the dire need for security experts, security controls and the advancement of security technology, there remain a lot of fallacies and optimistic thinking surrounding cybersecurity. Advanced security tools may be a necessity today, but these technologies and the expertise to use them effectively put strains on budgets that still see security as an afterthought, rather than a key consideration in business planning. Enterprise level solutions are increasingly available and affordable for smaller businesses and companies like Secure Sense are making intentional pushes, finding innovative ways to make managed services available to mid and small market organizations that need them. That said, many organizations still feel that they’re “secure enough” or “not a target”. But we know that’s not true, and we know that more than two thirds of organizations are victims of successful attacks in a given year and nearly a third of them are SMBs. Given the trends in attacks and phishing campaigns since the dawn of Covid-19 this can only increase unless we act decisively.
We All Have A Part to Play in Security
Security awareness may begin and end with individuals, but it must extend to the leaders of organizations, organizations as a whole, municipalities cities, countries and coalitions. It is necessary not only to advocate best practices, but accessibility of technology and services and continued widespread advisory about what threats are out there for individual and organizations of any size.
Secure Sense was built on a culture of Cyber Security Awareness. From our employee security awareness training programs targeted at our own employees and our customers, to being a best-of-breed shop focused on bringing the best solutions at the best value to as many organizations as possible, to our innovations in service offerings, our business model has been to get security out there. We believe that, especially in cybersecurity, nothing is better for business than being trusted.
In honour of Cyber Security Awareness Month, we will be sharing insight on the latest cyber security news, tips from Secure Sense experts and general security knowledge geared towards keeping you out of the headlines and focused on what matters most, your business. Don’t miss a beat by following along on our Twitter, Facebook and LinkedIn Pages.
Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how we can improve your organization’s security, our services or just want to chat security please give us a shout.