October 23, 2017
In part one of our series on phishing attacks and how to stop them, we laid out the main strategies hackers use to infiltrate an organization. From phishing emails to social engineering and planted flash drives, these devious methods can cause significant harm to a business, but knowing how attackers might strike is only the first step of prevention. From there, we must find ways to protect our business, educate our workforce, and secure our IT environment from such threats. This conclusion to our series on phishing completes the circle and discusses the measures you must take as an IT director or executive to protect the business.
Educating Your Workforce
You may know the phishing strategies a hacker may use, but you will not always be the target. It only takes one employee letting in malware to infect the environment. With that in mind, you must train your team to recognize and respond to a phishing attack.
You need to create or utilize some sort of educational course to explain the main phishing strategies in use, and then you must distribute this program to the entire workforce. That being said, there are some considerations to make when designing your curriculum.
- Digital and Physical Copies: Your curriculum must include both physical and digital content. Utilize your office bulletin boards, print out flyers, hold in-person meetings. A single email sent out to the team can be easily ignored.
- Recruit Department Heads: Ultimately, the IT director does not bear the same authority for an employee as their direct manager. Recruit department heads in the business to hold training seminars and distribute the course materials.
- Show Examples AND Results: The internet creates a level of abstraction between a cause and its real-world impact. In your curriculum, you should definitely show examples of what phishing attacks look like, but you should also describe the effects they can have. Show the impact a single mistaken click can have on a business. This will help establish the importance of the material.
To err is human, and even the best-taught course will not create perfect students. No matter how well you teach your workforce, you cannot guarantee that a mistake will not be made. Therefore, you must still protect your environment against the possibility, or inevitability, that a phishing attack will succeed against one of your workers.
- Edge Security: Make sure your environment uses at least a next-generation firewall, but also consider solutions such as Cisco Umbrella, which will protect the edge of your network. Even if a user clicks on a malicious link, these solutions will help safeguard the environment.
- Email Filtering: Whether through a third party or an on-prem appliance, you need an application that will scan your email communications for malware.
- End User Protection: Every end user device needs a combination of antivirus and anti-malware protection to counteract any malicious data that intends to infect the device itself.
Your security strategy cannot stop at the edge of your network. If and when a phishing attack tricks a team member and breaches your edge defenses, your only hope is to identify and remediate the issue before damage is done. The difference between two hours and two weeks can be everything in a corporate hack.
- Log Protection and Intrusion Detection/Prevention System (IDPS): These solutions go a long way toward identifying and removing harmful malware from your environment. Log protection analyzes your logs to locate unexplained trends in your network activity. Once found, it zeroes in on that activity so your administrators can address it. The IDPS inspects your network activity and reports any violations of network policy to administrators. From there, the malware can be safely removed from the environment.
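As an illustration of the log analysis described above, the following added example (not code from the original article or from any product it names) flags hosts whose hourly outbound traffic is far above their own recent baseline. The log format, host names, byte counts and the thresholds `k` and `min_history` are assumptions constructed for the example.

```python
from collections import defaultdict
from statistics import median

# Constructed sample log, one record per line: "<hour> <host> <bytes_out>".
# The format, host names and values are assumptions made for this example.
SAMPLE_LOG = """\
2017-10-23T09 ws-014 120400
2017-10-23T10 ws-014 118900
2017-10-23T11 ws-014 131000
2017-10-23T12 ws-014 125500
2017-10-23T13 ws-014 122000
2017-10-23T14 ws-014 4900000
2017-10-23T14 ws-014 4900000
2017-10-23T09 ws-022 80000
2017-10-23T10 ws-022 82000
2017-10-23T11 ws-022 79000
2017-10-23T12 ws-022 81000
2017-10-23T13 ws-022 83000
2017-10-23T14 ws-022 80500
truncated-line ws-022
"""

def hourly_totals(log_text):
    """Sum outbound bytes per host and hour, skipping malformed lines."""
    totals = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue
        hour, host, nbytes = parts
        totals[host][hour] += int(nbytes)
    return totals

def flag_anomalies(log_text, k=6.0, min_history=4):
    """Return (host, hour, bytes) for hours far above the host's own baseline."""
    alerts = []
    for host, hours in hourly_totals(log_text).items():
        history = []
        for hour in sorted(hours):
            value = hours[hour]
            if len(history) >= min_history:
                med = median(history)
                mad = median([abs(v - med) for v in history])
                # Floor the spread so a very steady host does not alert on noise.
                if value > med + k * max(mad, 0.05 * med, 1):
                    alerts.append((host, hour, value))
                    continue  # keep the outlier out of the baseline
            history.append(value)
    return sorted(alerts)

if __name__ == "__main__":
    for host, hour, value in flag_anomalies(SAMPLE_LOG):
        print(f"ALERT {host} sent {value} bytes in hour {hour}")
```

Using the median and median absolute deviation instead of mean and standard deviation keeps a single large transfer from inflating the baseline and hiding the next one.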
Security Is About Mitigating Risk
In the data security industry, they say that security professionals need to be right 100% of the time, but a hacker only needs to be right once. This dynamic becomes that much harder to manage when team members let attackers in by clicking on phishing attempts. For this reason, it is imperative that businesses educate their teams, secure their networks, and deploy detection applications in order to thwart these attacks. Yet no security system is perfect, and the risk will always be there. Our job is to mitigate the risk as much as possible, and these measures do exactly that. With the right strategy, we can turn an eventuality into a remote possibility.