How Can You Improve Your Security Posture When Threats Are Everywhere?
The director of the US Cybersecurity & Infrastructure Security Agency recently acknowledged an unsettling truth with implications far beyond the public sector: countries that have placed sanctions on Russia face an increased risk of cyberattacks, and every organization is a potential target.
“We should consider every sector vulnerable,” CISA director Jen Easterly said in a call about Russian hacking threats as reported by Politico. “In some ways, we should assume that disruptive cyber activity will occur.”
Why companies need to adopt a heightened security posture
CISA released a “Shields Up” advisory following Russia’s invasion of Ukraine last month, recommending companies of all sizes adopt a “heightened security posture.” That includes reviewing their networks, information and systems to ensure they can respond to threats as they arise.
CISA and the FBI warned that Russian state-sponsored threat actors have already gained network access by exploiting vulnerabilities at a non-governmental organization, which allowed them to gain access to cloud and email accounts and exfiltrate documents.
Russian cyberattackers have also gained remote access to US and global energy networks in the past, according to documents the US Department of Justice unsealed last week, and they pose an ongoing threat that extends far beyond the energy sector and government agencies. Other CISA advisories warn Russian threat actors are targeting other critical infrastructure, including healthcare and pharmaceutical companies, commercial facilities and manufacturing companies. Politico notes the Department of Homeland Security defines 16 sectors of the economy as critical, including transportation, water and utilities and the financial industry.
It’s not just critical infrastructure that’s at risk. Small businesses that lack enterprise cybersecurity protections are just as likely to become targets. They may even be more likely because they assume it won’t happen to them. However, new research found 80% of organizations experienced ransomware attacks in 2021, and 60% paid the ransom.
For small companies, ransomware payments and other costs associated with recovery can be significant enough to put many of them out of business.
How to improve cyber resiliency
Cyber resiliency is the ability to anticipate, withstand, recover from and adapt to cyberattacks, according to the National Institute of Standards and Technology.
Traditional perimeter defenses designed to detect and keep out attackers, such as firewalls and malware, are no longer enough.
Attackers have become more sophisticated, and there are too many endpoints they can target.
“If you have 3,000 servers if you’re a large organization, it’s easy to gain access to a low-value server or something that’s unpatched,” said Jonathan Reiber, a former Pentagon cyber official and senior director for cybersecurity strategy and policy at AttackIQ, in the Politico article. “You can’t patch every vulnerability right now, today, it’s not possible. You have to assume the adversary is going to break past the perimeter…so the first step is to assume breach and plan for known threats.”
When cybersecurity and IT leaders assume compromise is inevitable, they must shift the focus to withstanding and recovering from attacks.
That means having a plan to ensure business continuity with clear restore time objectives and ensuring your organization is prepared to respond to different scenarios.
CISA offers a free cyber resilience review your organization can use to assess your security posture and identify gaps.
Because attackers often target enterprise data as well as networks and infrastructure, your company also needs a plan for ensuring they are unable to gain anything valuable from a breach. That includes establishing a zero trust security model with multi-factor authentication, data encryption, and data dispersion to decentralize the risk of someone accessing a repository with a single encryption key. In the event of an attack, you need to be able to restore your data quickly.
Protect, withstand, backup and restore with Myota
In a world where ransomware attacks are inevitable, Myota transforms your data to make it invincible. Our patented technology combines zero trust access controls, data encryption, micro-segmentation and dispersion, and backup and recovery into a single solution your team can implement in minutes.
Administrators can manage data access by user, device or storage location, and employees can easily protect sensitive data right from their desktops.
Myota is easy to apply to any storage environment so you can protect both structured and unstructured data consistently and completely. Discover how Myota improves cyber resilience. Learn more about how it works.