Prevent your greatest assets from becoming your greatest threats
The World Economic Forum's recent Global Risks Report revealed that cyber-attacks are now the world's third biggest threat behind extreme weather and climate change. Let's face it: we're all human and we all make mistakes. It's for this reason we cannot rely solely upon our hard-working IT staff to protect our businesses against data breaches and security threats. Humans will always be the weakest links.

Of course, we can train our employees to spot a phishing email, for example, but even the highest-ranking security experts could be fooled by professional spear-phishing scams. After all, this is what some criminals spend their time focusing on, day in, day out. This threat is also likely to intensify in the near future with the likes of artificial intelligence-driven phishing tools absorbing the increasing amounts of data available online.

Consequently, the truth of the matter is that our greatest assets – our people – can also pose our greatest threats. If those on the inside of our businesses have access to more information than necessary, which is often the case, then there is every possibility for them to be tricked into downloading malicious software, or even simply replying to a legitimate-looking email with sensitive data. Taking advantage of lower-ranking employees with access to sensitive corporate information in this way is a common tactic for cyber-criminals, and recent reports show that over half of workers do not check who they send their data to. Therefore, it's clear to see that mitigating insider threats should be a high priority on every business's agenda.

While most insider threats look to take advantage of naïve or negligent employees, every now and then businesses may also be struck by malicious insiders instead. The most obvious example of this is Edward Snowden, whose leaking of classified information resulted in the US government having to fork out millions of dollars in an attempt to repair the damage caused to national security. But more recently, an employee of healthcare provider BUPA was reported to have stolen the records of over half a million customers to share with cyber-criminals.

Taking into account the size and severity of insider threats, it's clear that businesses should look to be proactive in addressing them. Yet, despite the gravity of these risks, protecting against insider threats is very simple to do if you get the basics right.

One route to achieving this is privilege management: taking away admin rights and only providing employees with access to the information they require to perform their jobs. When mapping out who needs access to what, it becomes clear that not many employees actually require access to sensitive data. By doing this, businesses can protect themselves from a whole host of security threats.

Privilege management is one of the simplest but most effective forms of cyber-security, yet many businesses are still not grasping the basics. Recent Avecto research found that over half of IT companies across North America, the UK and Europe still provide their employees with local admin rights on Windows computers, despite the associated security threats. To put this into perspective, security flaws in Microsoft software have more than doubled since 2013, with 685 vulnerabilities found in a recent study – 80 percent of which can be mitigated by removing admin rights.

In fact, the most destructive and well-known malware attacks of all time could have been easily prevented by having a privilege management system in place. For example, last year's WannaCry ransomware attack infected over 300,000 computers worldwide, 70,000 of which were within the NHS, causing potentially life-threatening consequences. NotPetya was another ransomware attack in 2017 that took down IT systems in 65 countries, causing around £1 billion worth of damage. These are just two examples of how failing to implement security fundamentals can result in devastating repercussions.

There is often a false belief that restricting admin rights is difficult to implement, and that it can result in trade-offs between high security and productivity. In reality, advanced and innovative privilege management solutions are simple to deploy and can easily be integrated with different systems, meaning businesses can enjoy security peace of mind without impacting user productivity – all while exponentially decreasing calls to the helpdesk. This flexibility means that while privilege management should be the foundation of any security strategy, these solutions can also be built to complement existing security strategies without disruption.

It is true that nothing can ever be 100 percent secure when it comes to cyber-risk, but as data breaches become increasingly prevalent and more intelligent methods of attack are developed, prevention will always trump detection. Finding out about attacks once they've already hit their targets is simply too little too late – and if basic security measures continue to be overlooked, then history is doomed to repeat itself.

Contributed by Andrew Avanessian, COO at Avecto 

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.