Cybersecurity Awareness Month comprises a series of events, organised in the U.S. by Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA). The aim is to promote improved business cybersecurity practices.
Stephen Gorham, COO, OPSWAT has a particular interest in corporate security and how businesses can best protect themselves from cybersecurity.
Gorham notes how: “Data breaches and cyberattacks loom over every organization’s digital attack surface, and staying ahead of the curve has become not just a priority, but an absolute necessity. With the evolving threat landscape, it’s crucial to adopt a proactive approach to cybersecurity that covers every facet of your network and operations – and Cybersecurity Awareness Month is a good reminder of that.”
In outlining the primary concerns and focal points for businesses, Gorham states:
Visibility: “You Can’t Protect What You Can’t See”
To build a robust cybersecurity system, Gorham says that drawing insights from the system is key: “The old adage holds true in the realm of cybersecurity – you can’t protect what you can’t see. It’s imperative to have a clear understanding of what assets and devices are connected to your network – especially with many critical infrastructure organizations dealing with both IT and Operational Technology (OT). Without comprehensive visibility and asset management, you are essentially navigating in the dark, leaving your organization susceptible to vulnerabilities that you may not even be aware of.”
Insider Threats & Employee Awareness: Cyber Espionage and Social Engineering
Gorham also recommends that firms give more attention to insider risks – whether intentional or not – “While external threats grab the headlines, insider threats often go unnoticed until it’s too late. Cyber espionage and social engineering attacks can be devastating, with malicious actors exploiting the very people who are supposed to safeguard your organization. As critical infrastructure sectors are increasingly targeted by nation-state threat actors, employee awareness and training – combined with zero-trust security measures – are your first lines of defence against these insidious threats.”
File-borne threats
File swapping remains a gateway into a system, and here Gorham forewarns: “Organizations heavily rely on web applications for sharing and transferring critical documents essential for daily operations. Yet, these productivity files, such as word processing documents, spreadsheets, or PDFs, can serve as attack vectors for cybercriminals. They may embed malware within these files and deliver malicious payloads to unsuspecting users. OPSWAT’s 2023 State of Web Application Security Report underscores the significance of this threat, with data breaches topping the list of concerns (73 percent), and reputation damage (67 percent) and loss in business revenue (58 percent) not far behind.”
Uplevel your threat intelligence
Keeping abreast of what is happening in the sector is also essential. Gorham recommends: “Threat actors are becoming increasingly sophisticated, leveraging malware as an initial foothold to infiltrate targeted infrastructure and execute their attacks. To combat these threats effectively, organizations must embrace actionable threat intelligence. This intelligence is garnered through advanced technologies and processes, including sandboxes, and advanced malware analysis. By staying one step ahead of threat actors, organizations can detect and respond to threats before they escalate into full-blown crises.”
Gorham’s final recommendation is: “The cybersecurity landscape is evolving at an alarming pace, and organizations must adapt accordingly. Comprehensive visibility, employee awareness, proactive threat hunting and actionable threat intelligence are indispensable pillars of a robust cybersecurity strategy and just a few areas that organizations should keep in mind as they build their cybersecurity resilience.”
