Get updates delivered to you daily. Free and customizable.
NJBIZ
TECH INTELLIGENCE: Stand your ground
By Carl Mazzanti,
14 days ago
We were working on a cybersecurity project for a town in New Jersey when someone called claiming to be from another public organization. They wanted to know about the cyber defenses we were using.
We became suspicious about the questions they were asking, so we asked for their email address and phone number (the town did not have caller ID). The caller sent us an email, and while they were still on the line, we checked it and saw that the address had just been created at that moment.
The party on the line was a hacker, trying to get some inside information from us. So, we tried to keep them on the line while an eMazzanti team member contacted law enforcement. We even asked them if they wanted to meet us at a local coffee shop to discuss their situation, but they declined the invite.
A law enforcement officer tried to track the number, but it was from overseas, so they couldn't go further. Then the hacker hung up when they realized we weren't fooled. This incident highlighted a concerning pattern: many phishing, hacking, ransomware and other cyber attacks originate from countries like Russia and China. Prosecuting these attackers is difficult due to their location.
The situation has gotten so obnoxious that some bad actors now “sign” their malware in a bid to capture bragging rights. As businesses face more cyber attacks from hackers, they cannot run from these threats. Instead, you can use a strategy similar to Clint Eastwood's: Stand Your Ground. This involves partnering with a cybersecurity provider who will use training and technology to safeguard your systems and data.
By implementing this approach, you can better protect your information from potential threats. Your cybersecurity provider’s first step will involve finding and listing all your assets that bad people might want to attack. Next, the provider will create a network architecture diagram illustrating the connections between assets and processes in your network, showing how these assets and processes communicate with each other.
Then your cybersecurity partner will check how well your organization can stop and handle cyber attacks. These analyses may involve a tabletop exercise to simulate your cyber risk management and response procedures. Another option is a Penetration Test , where experts attempt to exploit weaknesses in your system, using methods similar to those of a hacker.
Once weak points are identified and cataloged, your cybersecurity professional will suggest a layered defense system, so even if a bad actor manages to compromise one level of security, other levels will remain to mitigate or eliminate the threat.
Such a layered cybersecurity defense typically features a SOC (Security Operations Center) and SIEM (Security Information & Event Management) for automated threat detection and reporting on internal issues. Additional security layers include multifactor authentication to verify your identity when logging in, and automated data backup that will enable you to recover your information if a bad actor manages to pull off an attack.
A robust cybersecurity program will also feature training, including simulated attacks and tasks to improve user behavior. It should also track employees’ progress with easy-to-understand reports. You can keep your cyber training updated with interactive games that cater to different learning styles. The lessons should be short, lasting five to fifteen minutes, so users can easily fit them into their schedule. Users should also be able to access training on any device, at any time.
Well-crafted security awareness training can reduce risky employee IT behavior that leads to security compromises. Programs that leverage relevant information and knowledge verification on information security, social engineering, malware, and industry-specific compliance topics can enhance employee awareness and resistance in the office, on the streets or remote-work devices against cyber-attacks that target your organization.
Bad actors will continue to launch attacks. But businesses that partner with a cybersecurity provider can stand their ground and feel secure, knowing that strong defenses are keeping them safe.
Carl Mazzanti is president of eMazzanti Technologies in Hoboken, providing IT consulting and cybersecurity cervices for businesses ranging from home offices to multinational corporations.
Get updates delivered to you daily. Free and customizable.
Welcome to NewsBreak, an open platform where diverse perspectives converge. Most of our content comes from established publications and journalists, as well as from our extensive network of tens of thousands of creators who contribute to our platform. We empower individuals to share insightful viewpoints through short posts and comments. It’s essential to note our commitment to transparency: our Terms of Use acknowledge that our services may not always be error-free, and our Community Standards emphasize our discretion in enforcing policies. We strive to foster a dynamic environment for free expression and robust discourse through safety guardrails of human and AI moderation. Join us in shaping the news narrative together.
Comments / 0