MBT-Blog-Security-Hole

Hackers have it pretty good these days. They have a guaranteed way into your environment. It’s a way into your systems that works so well they’ve mostly given up trying other approaches. Today, an estimated 90% of cyber attacks that result in a data breach begin with this method of attack.

This method of attack is also not bothered at all by your firewalls or anti-virus software. These defenses let the attack straight into your environment because it looks exactly like normal web or email traffic. There is no attached virus for pattern matching, and the payload can execute entirely in memory with nothing getting written to disk until it’s too late.

The threat is also growing dramatically, with attacks against this security hole up over 600% since the start of the COVID-19 pandemic.

So what is the good news? The good news is that your users are the security hole!

Wait, what? How is that good news?

I’m sure you’ve heard that users are a computer’s biggest risk. The vast majority of data breaches today happen as a result of anĀ email phishing attack that a user responded to. The good news is that knowing this makes your users your biggest opportunity. Now that you know the attack vector that represents the majority of your risk, you have a tremendous opportunity to plug the hole, and by doing so dramatically reducing the likelihood you will experience a data breach.

What can you do to plug the hole?

  • Create a culture of security – This is the most important and begins with the support of management prioritizing security, providing resources, and sometimes supporting unpopular policies.
  • User training and positive reinforcement – Every organization should conduct an ongoing program of ethical phishing and user training to reinforce positive behavior and maintain a high degree of security awareness. Reward positive behavior rather than punishing mistakes, and repeat, repeat, repeat.
  • Implement best practices – In addition to strong password controls, multi-factor authentication (MFA) should be considered a requirement to gain access to any secured resources. Contact your IT expert for help.
  • Use the best technology – Deploy advanced behavior based endpoint protection that analyzes behavior and automatically shuts down unwanted processes. Anti-virus alone is no longer adequate to protect you.

Medicine Bow Technologies can dramatically improve the security of your data by helping you plug the biggest hole in your network. Call us now to set an appointment at (307) 721-4050.

Elmer Robinson, Cybersecurity Director, MBT
Elmer Robinson, Cybersecurity Director, MBT