Creating a Culture of Cyber Security at Work

Understanding Common Threats and How to Avoid Them

Stephen Nardone

BYOD, remote workers, and human error continue to be common threats for businesses, but enhancing your existing security plan can help to mitigate those risks and keep employees safer online. The question is, where do you start?

Reevaluating BYOD Policies

Mobile devices continue to be a weakness in cyber defense for enterprises. The number of devices accessing the network continues to increase. Establishing control over those devices remains daunting for security professionals. Implementing a BYOD policy as part of the overall information protection security plan will help to minimize security risks.

Training and Educating End Users

Spear-phishing threats remain one of the most common cyber security concerns for IT professionals. As attackers grow more sophisticated in their methodologies, signature-based responses are less effective. Defending against these attacks has become increasingly more challenging.

Many organizations recognize the risks posed by employees, but they have not developed robust and ongoing awareness training programs. Educate employees on everything from visiting questionable websites to protecting system passwords.

New Threats and New Technologies to Defend Against Them

In addition to growing concerns about malware and zero-day attacks, drive-by downloads, watering hole attacks, and denial and distributed denial of service (DoS/DDoS) attacks are now common threats.

There are several ways organizations can help to reduce their threat surface, including reducing the number of open ports and services on Internet-facing systems. Consider firewall tools and next-generation technologies that allow for granular network control, and implement a least-privileges policy.

Software defined networking (SDN), network virtualization, and microsegmentation are innovative new ways of rebuilding the infrastructure and injecting services into the network from any location. In this new architecture, each individual zone would have its own security, making it a greater challenge for hackers to access the network.

Consult With Experts

Security breaches are a real, constant threat – but you can take steps to prepare your organization and your users. What’s the best way to prevent a corporate-issued tablet from inadvertently downloading malware off a Wi-Fi network at the corner coffee shop and bringing it back to your company network? We can show you how. Let our Security Practice experts help you stop small problems from becoming headline-worthy incidents. We can help you discover weaknesses in your security environment and provide the insights and guidance you need to reduce your overall risk by fostering a culture of cyber security.

Connection is committed to promoting cyber security and online safety. Our in-house team of security experts is dedicated to helping organizations of every size reduce their risk with industry-leading security solutions and services. Connection’s Security Practice can help create comprehensive security programs that leverage the latest technologies from our partners.

Stephen Nardone, CISSP, is Director of Security Practice at Connection with over 38 years of experience in both the government side and the commercial side of the security business.

© 2020 CONNECTION, INC. ALL RIGHTS RESERVED.