Five ways to counter internal and external cyber threats

Posted on 12 May 2017 by Jonny Williamson

A high number of organisations are allowing a myriad of internal and external parties unsecured privileged access to critical systems and data, a new global study has revealed.

Industrial Internet Cyber Threats Security Attack Hack Data Crime
Within an ever more connected ecosystem, data security remains a high priority for many manufacturing executives.

The research highlighted two primary, yet distinct, cyber threats to a business: insiders and third parties.

Insiders include employees or people acting as an employee for the company such as freelancers or on-premise contractors. Third parties encompass external vendors or suppliers granted access to business systems, including outsourcers.

The study surveyed more than 600 professionals across various operations and IT roles working in the UK, France, Germany and the US.

Publishers of the research, Bomgar, has drawn up a list of pointers to help businesses better defend themselves from both internal and external cyber threats.

Enforce ‘least privilege’ as the standard

Rather than allowing users all-or-nothing access, privilege should be granted based on specific user needs and scenarios. Such an approach must allow for varying levels of individual access, with a broad understanding of what that means.

Consider the user experience

Security solutions need to be usable. Access to system should be granted in second, while still conducting all the security checks to counter potential threats. Security teams can’t risk slowing processes down in the name of security, as this affects productivity and may coax insiders to find risker work-around. Security and IT professionals need to involved end-users in the early stages of designing new policies or exploring new technology.

Implement seamless workflow processes

All too frequently, companies have the sufficient number of personnel to manage access rights for the growing number of privileged insiders and vendors. Therefore, methods of granting or revoking privileged permissions need to be easy to implement and integrate seamlessly with existing processes.

Monitor, record and analyse behavior

As the environment becomes more complex, technology can help organisations comply with regulations requiring that all activity and behavior is monitored. A company must be able to identify every individual that accesses sensitive systems and what they are doing, as well as sound the alarm if they are doing anything suspicious. All this information needs to be recorded so as to create a clear audit trail.

Review policies and train people regularly

Technology can help make security easier, but it should be one aspect of a broader solution. Security policies should be frequently reviewed, and both new and existing staff must be trained on them. Each employee or contractor needs to understand how their day-to-day actions can help protect the business from threats.