There has been no shortage of high-profile hacking stories in recent months, each of them highlighting the fact that organisations need to make cyber defence part of their day-to-day operations.
Employees play a key role in protecting the enterprise, but it is critical to support them through effective organisational security controls, such as the following:
Phishing tests
Designed to flag where additional cyber security training is required, phishing tests pose as genuine requests for information, tempting users into providing details that they should not.
To be effective, phishing tests need to show which users clicked on links and which entered partial or complete details. Phishing exercises also provide evidence of whether policies are being adhered to and, by familiarising users with the approaches cyber criminals take, reduce the likelihood of a real phishing attempt succeeding.
Two-factor authentication
Using a separate authentication device and single-use codes adds a further security step. Two-factor authentication (2FA) uses two different mechanisms to prove that the user is who they claim to be, thereby guarding against impersonation.
Non-password validation technology
This includes image-based challenges. To test immediate visual processing, it must use dynamic information, such as a visual prompt that cannot be derived from the static text of the form. For example, reCAPTCHA requires users to make a change on the screen that is difficult to script, and therefore protects against automated attacks.
Visual prompts guard against automated, machine-driven brute force techniques, whereby machines bombard websites or authentication mechanisms with thousands of different combinations until one succeeds (essentially a high-volume trial-and-error approach). Testing visual and human intelligence responses reduces reliance on passwords as the single control mechanism and so strengthens the authentication process.
Integrated spam reporting and virus scanning
Suspect emails, plus any attachments, are quickly identified as spam, and immediately “quarantined” to a safe zone.
Any attachments or code must be prevented from executing, and the message should remain intact, including the header information, which contains vital trace data for reconstructing the delivery path. This allows early reporting of suspicious emails and guards against them spreading throughout the organisation and its network.
The risk of cyber attacks can be reduced with strong administrative procedures. These include regular anti-virus scans and upgrades, strong password policies that are enforced, and automated cleaning of browsing history and cache folders.
Users should also know to check that incoming email addresses are not “masked” and to report email threats to the IT administrator so that, if required, amendments can be made to the firewall and network configuration.
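The two header checks mentioned above, a “masked” sender address and the trace data in the Received chain, as an added example written for this edit rather than code from the article: using only Python's standard `email` library, it flags a From display name that shows an address at a different domain from the real sender, and lists the Received hops in delivery order. The sample message and the internal domain `corp.example` are constructed assumptions.

```python
"""Added example (not from the article): two defensive header checks.

1. A "masked" From header, where the display name looks like an address
   (here, an internal one) while the real sender is elsewhere.
2. The Received chain, which records the delivery path and is the reason
   a quarantined message must keep its headers intact.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message for this example; not a real capture.
SAMPLE = """\
Received: from mail.example.com (mail.example.com [192.0.2.10]) by mx.corp.example; Mon, 1 Jan 2024 09:00:00 +0000
Received: from unknown (HELO relay.attacker.example) [198.51.100.7] by mail.example.com; Mon, 1 Jan 2024 08:59:58 +0000
From: "it-support@corp.example" <noreply@corp-example.biz>
To: user@corp.example
Subject: Password reset required

Please confirm your password at the link below.
"""

ADDRESS_RE = re.compile(r"[\w.+-]+@[\w.-]+")


def masked_from(raw: str, internal_domain: str) -> dict:
    """Describe any display-name masking in the From header."""
    msg = message_from_string(raw)
    display, real = parseaddr(msg.get("From", ""))
    real_domain = real.rpartition("@")[2].lower()
    shown = ADDRESS_RE.search(display)
    shown_domain = shown.group(0).rpartition("@")[2].lower() if shown else ""
    return {
        "display": display,
        "address": real,
        # Display name shows an address whose domain differs from the real sender.
        "masked": bool(shown) and shown_domain != real_domain,
        # Real sender is outside the organisation's own domain.
        "external": real_domain != internal_domain.lower(),
    }


def delivery_path(raw: str) -> list:
    """Return (from_host, by_host) hops oldest-first; Received headers are prepended."""
    msg = message_from_string(raw)
    hops = []
    for hdr in reversed(msg.get_all("Received", [])):
        hosts = re.search(r"from\s+(\S+).*?by\s+(\S+)", hdr, re.S)
        hops.append((hosts.group(1), hosts.group(2).rstrip(";")) if hosts else (hdr, ""))
    return hops
```

A message where `masked` is true, or where `external` is true for a sender claiming to be internal, is a candidate for the quarantine and reporting path the article describes.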
Regular reminders of good email practice reduce the likelihood of a phishing attack succeeding. This could include a permanent header within the email interface, reminding users not to click on links from external sources and never to give away information such as passwords, as well as providing links to relevant training information.