As CenturyLink’s Chief Security Officer, I am tasked with the challenge of overseeing the risk mitigation strategy to protect CenturyLink’s clients, employees and more than 600,000 miles of network. But when I speak of the current state of cybersecurity, I observe one main problem: the industry is largely based on solutions, not strategy. It’s imperative for security IT professionals to move from being technical, solution-based thinkers to threat-focused thinkers and essential to understand the adversaries you face—their motives and their modus operandi—in order to properly prepare a security strategy that can effectively reduce the risk of a major hack.
These threats can be grouped into four principle categories:
- Nation States
These adversaries are highly sophisticated and highly motived. Nonetheless, stealing state secrets from government servers is very difficult, especially compared to compromising a university or private business. Their targets are often organizations with U.S. government contracts or those who engage with foreign governments. Various government actors have shown a keen interest in conducting long-term incursions into businesses, political organizations and research institutes with ties to the U.S. government. They’re after everything from technology secrets to litigation strategies.
- Multinational Criminal Organizations
Also very sophisticated, multinational criminal organizations have commercialized hacking by developing programs to offer “crime as a service.” They design malware, create botnets, and rent their facilities to others for money making activities, constantly probing at the periphery of major businesses looking for opportunities to steal valuable information, or to demand ransoms of companies in exchange for not taking down websites. It’s essential that enterprise businesses pursue third party risk assessments to identify holes in their defenses.
Although their objectives may be divergent, their approaches are often similar. Hacktivists seek to sow disruption misdirect by planting misleading data or taking down police and government systems.
The training of your employees is critical for defending against cyber threats. The vast majority of hacks involving employees are the result of a good employee clicking on the wrong thing. Robust employee training programs teaching employees to avoid phishing scams and how to maintain fundamental security practices can greatly reduce risks.
Threats coming from insiders with bad intentions are rarer, but people don’t just do bad things without telegraphing it. Many times, the signs that an employee is planning a breach of the company’s data security are obvious in retrospect, but frontline managers lack the training to spot it. The organization may even lack the framework to report and investigate potential problems from insider threats. Companies should develop insider threat training programs that work, much like workplace violence prevention programs.
So, how can you prevent these adversaries from harming your business? It may seem daunting but here is a way to tackle this effectively and efficiently. Experts are available to help you determine where your business is vulnerable, identify the ways to plug those vulnerabilities and monitor your environment continuously to detect and remediate issues. Our team of cybersecurity experts can help. Attend one of our upcoming cybersecurity events, or schedule a security consultation to get started.