A recent survey that found careless staff beats both theft and malware as the biggest CISO fear highlights the scale of the issue and provides a reality check. Whether due to complacency or naivety, the vast majority of organisations have failed to adapt security processes and procedures to reflect the changing threat landscape.
Phishing attacks continue because they are effective. It’s easy for even cybersecurity-aware users to be tempted into clicking where they shouldn’t. When users are ‘over-privileged’ in terms of rights and permissions, the danger is even greater: they are empowered to do far more damage to an organisation if they fall victim to a phishing attack or other malware infection.
Within the IT team, unplanned changes, bypassing any change control, can cause operational performance and security issues.
Therefore the best approach is to accept that human beings are fallible and will make mistakes, and to recognise that checks and balances are going to be essential. Best practice-based security standards require the use of file integrity monitoring, audit log analysis and vulnerability scanning to head off problems.
File Integrity Monitoring (FIM) is advocated as an essential security defence by all leading authorities in security best practices, such as NIST and the PCI Security Standards Council. It will ensure that a secure, hardened build standard is maintained at all times and, if there are any changes in underlying core file systems (such as when an unwittingly phished employee introduces malware), these will be reported in real time.
The fact is that every business is at risk at all times, and defences and detection mechanisms must be implemented. The time to act is now!
Mark Kedgley, CTO, New Net Technologies
New Net Technologies is a global provider of data security and compliance solutions. We are firmly focused on helping organizations protect their sensitive data against security threats and network breaches in the most efficient and cost-effective manner.
New Net Technologies’ easy-to-use security monitoring and change detection software combines Device Hardening, SIEM, CCM and FIM in one integrated solution, making it straightforward and affordable for organizations of any size to ensure their IT systems remain secure, malware-proof and compliant with the corporate build-standard at all times.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.