Posted on Wednesday, September 21, 2016 in CybersecurityBlog written by Rob Swenson
Cyberattacks can come from across town or around the world. Victims can’t always pinpoint who’s to blame. Regardless of where the attacks are coming from, businesses have to defend themselves and do it well. Their best option is to take a layered approach to cybersecurity.
A single layer of protection – set up at the perimeter of a network, for example – is no longer enough. A good cybersecurity strategy permeates the entire network and includes every person in an organization.
Advances in technology have significantly boosted productivity in business. The unfortunate flip side is that cyberattacks also have become more sophisticated. Even attacks that remain crude in design or deployment occasionally succeed.
The bottom line is that more attacks are being directed at more targets than ever before. Small and midsize businesses have become especially inviting targets because many of them lack an adequately staffed, well-trained, full-time IT department. However, companies such as SDN Communications are available to assist them. The Sioux Falls-based business-to-business broadband Internet company also offers cybersecurity services to businesses in the region.
Regardless of how an organization currently protects itself, it probably isn’t as safe as it believes. Ask the leaders of any of the hundreds of U.S. business organizations that have been successfully hacked in recent years.
The Identity Theft Resource Center, a nonprofit organization, reports that as of Aug. 2, it had documented 572 breaches in the United States in the financial, business, education, government and healthcare sectors so far in 2016. Nearly 13.5 million personal records have been exposed.
During the past decade, at least 6,382 data breaches have been reported in the United States, and nearly 865 million records have been exposed, according to the ITRC.
The need for companies to effectively implement a layered security strategy is growing in importance because businesses are creating, moving and storing electronic assets of greater value than ever before.
This column wraps up a series of seven blogs in which SDN outlined the basics in taking an in-depth, layered approach to cybersecurity. Some of the highlights in the series include:
- Establishing a good, effective cybersecurity strategy must start with buy-in and the ongoing support from the top of an organization. Network security is no longer a job that can be left solely to IT staffers.
- In most cases, employees are the most vulnerable point of access for cyberattacks. Every member of an organization, from top to the bottom, should be trained, retrained and periodically tested on the basics of good cybersecurity. They should never, for example, click on a suspicious link.
- The edge – the point at which a company’s network connects with the outside world – is an area of great risk. It’s also an area that traditionally has received significant attention. Equipment such as Next Generation Firewalls and other appliances with advanced, threat-protection features have improved security of the perimeter, and equipment continues to improve.
- As attackers shift and broaden their sights, protecting Local Area Networks and other parts of internal networks has become increasingly important. Protecting networks involves the physical security of buildings as well as the use of technology and good network design.
- Individual workstations – all of them – also must be well protected to keep company information as safe as possible. Computer software always should be up to date, for example, and strong passwords should be required. And just in case, valuable date should always be backed up.
Taking a layered approach to cybersecurity will not make a company’s network impenetrable, but it will substantially reduce risks of loss.