There was a major increase in the sophistication and quantity of attacks targeting individuals, organizations, and – increasingly – critical infrastructure in the first six months of 2021. In fact, the latest global threat landscape report from FortiGuard Labs saw that ransomware increased tenfold over the prior year. At this time last year in 2020, bad actors had shifted their resources away from enterprise infrastructure devices to home networks and consumer-grade products. But now, they are aggressively targeting both.
For instance, top intrusion prevention system (IPS) detections show a disturbing trend. (An IPS is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits.) While criminals continue to target small business and consumer-grade technologies to exploit home workers, they have also returned to targeting corporate networks, content management systems (CMS), and application development platforms.
And that means financial services organizations, which remain a top target for cybercriminals, can’t ease up in terms of improving their cybersecurity posture.
Cyber hygiene starts with training
The majority – 85% – of data breaches involve human interaction, according to the 2021 Verizon Data Breach Investigations Report. That’s why humans need to be at the heart of any cybersecurity strategy. You can have all the security solutions in the world, but if you’ve overlooked training your employees in cyber awareness, you’ll never be truly secure.
Make sure all your employees get substantial training on spotting and reporting suspicious cyber activity. Teach them to maintain cyber hygiene and to secure their personal devices and home networks. Employees should get training when they are hired and periodically throughout their tenure, so the information stays current and top of mind. Also, keep training updated, and include any new security protocols that need to be implemented.
Train individual employees, particularly remote workers, on how to maintain cyber distance, stay wary of suspicious requests, and implement basic security tools and protocols. This can help CISOs build a baseline of defense at the most vulnerable edge of their network and help maintain the security of critical digital resources. Organizations also need to practice good basic cyber hygiene to ensure all systems are properly updated and patched. And, because attacks can take just seconds to compromise endpoints, real-time visibility, analysis, protection and remediation for endpoints are vital for employees.
Practice zero trust
Along with cyber hygiene training, two other elements are incredibly helpful in the fight against ransomware. One is zero trust. A previous article discussed the necessity of the zero trust security model for the financial industry. This model assumes that anything or anyone trying to connect to the network is a potential threat.
Accordingly, no one inside or outside the network should be trusted unless their identification has been thoroughly checked and verified. Zero trust recognizes that threats both inside and outside the network are a ubiquitous reality. These assumptions inform the thinking of network administrators, driving them to design stringent, trustless security measures.
When the zero-trust model is in place, every individual or device that tries to access the network or an application must undergo strict identity verification before access is granted. This verification uses multifactor authentication (MFA) and requires users to provide multiple credentials before they can have access.
Zero trust also includes Network Access Control (NAC), which is used to restrict unauthorized users and devices from gaining access to a corporate or private network. It guarantees that only users who are authenticated and only devices that are authorized and compliant with security policies can enter the network.
For a while now, financial services organizations have faced the difficulty of providing cost-effective, secure, and robust connectivity to their branch offices, which are often distributed across cities, states, and even multiple nations. Today, they are adding more remote workers and branch offices while also adopting new cloud applications and infrastructure.
Simultaneously, traditional Multiprotocol Label Switching (MPLS) connections are showing themselves to be ineffective. In fact, they are sometimes inhibiting – or even prohibiting – visibility, security, and performance amid the proliferation of new locations.
This means these organizations need secure connectivity solutions that can extend fast, compliant, and secure access to these cloud-based applications and the core network. Secure SD-WAN can be a key player here. When organizations find a secure SD-WAN solution that meets their needs, they can enjoy the combined benefits of next-generation firewall (NGFW), WAN optimization, automation, and traffic shaping, among others.
Joining networking and security into a single security-driven networking solution offers high-speed performance, as well as built-in NGFW functionality. It also enables simplified scalability and management, both of which are crucial as new offices open in the future.
The latest data shows that bad actors are not only targeting less-secure home office devices and networks but have returned to aggressively attacking corporate ones, too. Ransomware remains lucrative and, therefore, popular. Financial services professionals face a constant cybersecurity battle, particularly as remote work becomes permanent and MPLS proves ineffective. However, there is hope.
A cyber hygiene training strategy coupled with ZTA, real-time endpoint protection, and secure SD-WAN will help to manage ongoing and evolving threats.
About the author:
Renee Tarun is Deputy CISO at Fortinet. She is focused on enterprise security, compliance and governance, and product security. She is also co-author of the book, “Cyber Safe: A Dog’s Guide to Internet Security.”