Lack of  knowledge can cost you a lot

By Charles Chipiliro Chioko, IT Security Compliance Officer, NICO Technologies Limited

Gone are the days where people get worried about viruses which can just cause disruption to services or denial of services to different systems. Attackers have now taken a step further stealing information and data with the aim of getting money. Recently we heard about different types of Malware which hit many companies across the globe. A lot of companies have paid to money in the form of bitcoin to get back their encrypted data to continue with their businesses. Right now, bitcoin is now a currency which companies or organizations have known apart from the usually known currency we know (dollar, Euro, etc.) Companies and organizations are now busy looking for ways on how they can secure their data and information. Some companies and organizations have migrated their data to the cloud and some have increased their Security by upgrading their Security infrastructure. Although this can be done nothing can be 100% secure, it doesn’t mean migrating data to the cloud it’s safer than keeping it on your own, attackers nowadays are also targeting those Companies which are providing Cloud-based Storage Services.

It should be noted that there is no “one size fit for all solution” in order to protect company or organization data. Its high time now for Company owners or Organization owners to realize that protecting Information and data is expensive, they should be willing to pay more to protect their data or information. A lot of Company managers or decision makers think that just having Computers with Antiviruses installed on them is safe to run their business but this is totally wrong.

This lack of knowledge from top-level management is the one which can cost the company to lose valuable data if no proper decisions are made. As I have already said there is no “one size fit for all solution” in order to protect company data, there are several things which top-level management needs to do to protect their data. Apart from the usual password management, software updates and patches, access control, installation of anti-virus software and updating of the operating system, the following can also be added to the list of the actions which organizations can take to reduce the probability of being victims of the attack.

Management buy-in: Top level management should understand that having their data and information or their infrastructure on internet is risky, as such they should be willing to spend or invest on IT infrastructure, User training, and IT processes. They should also have a proper risk management system in place to manage the risks which might come along the way.

IT Security Awareness training: Everyone including the top-level management should be trained on IT Security issues as they can also become victims of different attacks due to lack of knowledge on how to perform their day to day duties on internet. These awareness training should be done frequently and should be mandatory to all the users including top-level management.

Security Operating Center (SOC): with the current attack trend, Companies or organizations needs to build their own Security Operating Center, this will help IT Security analyst monitor the network, detect intrusion and manage threats as they occur. Security Operating centers will have an added advantage to the organizations as they will be exposed to various tools which can be used in monitoring and preventing threats.

Frequent Vulnerability Assessments: Security has passed the stage of having an Anti-virus installed nowadays, there is a need to perform frequent vulnerability network or systems assessments, this will help the IT team to identify weaknesses in their systems which can be exploited if not well managed.

New Infrastructure: It is better for organizations or companies to purchase very high performance, intelligent devices than having a lot of old or outdated devices like switches or routers. CISCO provides a wide range of intelligent devices which can be used to monitor the network, detect for intrusion and prevent malware into the system.

Effective Backup Policies: There is a need for organizations and companies to adopt strong backup policies and procedures, backups need to be tested frequently and check for inconsistencies. Dry run tests need also to be done to simulate an event of data recovery should a catastrophic event or an attack take place. Companies need to have Disaster recover sites which should be 24/7 operational and should be secured and monitored always and data or information kept on these sites need to be tested for integrity.

Encryption: Much as encryption will not prevent data or infrastructure from being lost or stolen, Companies need to make sure that their data is encrypted to prevent data being manipulated or changed in any way, all the medium which can be used to transfer data from one point to another need also to be encrypted. This ensures integrity should a device is lost or stolen, e.g. an external hard drive, a laptop, a tablet, etc.

In conclusion, as attackers are advancing in the way how they are exploiting vulnerabilities, Companies need to wake up and try all the best to combine a number of mitigation techniques to prevent being victims of attacks, as I quote a statement by Robert Mueller, FBI director in 2012 and I quote “There are only two types of companies: those that have been hacked and those that will be.”

About the Author
Charles Chipiliro Chioko is an IT Security Compliance Officer at NICO Technologies Limited. He is a Certified Cisco CCNA Cyber Ops Security Analyst and a Microsoft Certified Professional He has worked in the IT industry for more than 12 years. He is focused on Cyber Security and Network Security. He has worked for a couple of IT Companies which exposed him to different types of Systems. He is experienced in Network Security, Database Management, Systems Administration and Systems design. He started his career in 2005 when he was doing Management Information Systems then later pursued with a BSc Degree in Information Technology. For more information visit https://www.nicotechnologies.com/