Over the last year, we've seen a record number of cyberattacks on businesses, from manufacturing to healthcare to utilities, causing victims to get locked out of their critical systems and putting strain on supply chains. The impact has been substantial — disrupting operations, production, and shipping — and far reaching. While the holiday season has typically been a time for spending quality time with friends and family and taking some well-deserved time off, cybercriminals aren’t taking a holiday break, and are instead capitalizing on infosec teams operating with a skeleton staff.
New reports from the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) show that in 2021, cybercriminals have already taken advantage of holidays to enact major cyberattacks. With over $16.8M reported in losses, the question becomes, “Do businesses have the right tools, processes, and people in place to protect their critical assets?” Here’s how business leaders can prepare for these cybersecurity challenges as they head into the holidays.
Identify infosec employees for weekends and holidays
Ensure that your key IT or security personnel are available. With the right team, organizations can quickly respond to and recover from internal and external threats.
Educate employees on security best practices
An organization’s entire workforce must be actively engaged in reducing risk. People are the biggest asset to an organization, but also the weakest link. Now is a great time to refresh employee cybersecurity skills, reminding them to be wary of risks like phishing and suspicious email.
Integrate existing systems with new processes
As your organization finalizes budget and evaluates new solutions for the coming years, ensure that any systems or applications you onboard are integrated with existing systems to ensure that they’re protected.
Implement multi-factor authentication for remote access
Multi-factor authentication (MFA) offers an extra layer of security, requiring users to provide at least two forms of authentication. The first is typically your username and password. The second is something you have (a code pushed to your phone or a USB key) or something you are (fingerprint or other biometric data). In combination with MFA, single sign-on (SSO) can increase password strength and provide a more streamlined experience by allowing users to log in using an already trusted third-party verification.
Secure user accounts
Regularly audit administrative user accounts and configure access controls under the principles of least privilege and separation of duties.
Define a clear security plan and strategy
Define, communicate, and test existing business continuity plans (BCPs) to ensure they consider scenarios of business processes.
Develop plans for a proactive approach to securing your critical systems
Organizations need a cybersecurity plan that goes beyond the scope of current defense-in depth-deployments, protecting endpoints, and backing up files. Businesses should leverage the powerful native security capabilities of modern software technology.
At the center of every business are the business-critical applications organizations use to run everyday operations. Business-critical applications are complex systems made up of multiple software components, application servers, databases, and operating systems. While the most critical of functions, these applications are also oftentimes overlooked due to their interconnectedness and overall complexity. 92% of the Forbes Global 2000 relies on resources such as SAP Business Suite, which contains personal identifiable information, financial records, and other important data. Salesforce holds all customer and prospect information. While these applications modernize business practices, streamline processes, and provide increased flexibility to adapt to work-from-anywhere initiatives, they also create a complex web that makes it challenging to understand risk.
An attack against a business-critical application could weaponize the rights and privileges of an administrator. If an administrator role is hijacked, the attacker could bypass all controls of the application, as well as its business data and processes. Successfully exploiting a vulnerable system allows an attacker to execute a wide range of malicious activities— with impacts ranging from supply chain and manufacturing process disruption to redirected financial payments to compromised sensitive data, most of which is subject to compliance regulations. IT security practitioners must work to protect against internal and external threats.
While cybersecurity preparedness should take holiday trends into account, your organization should prioritize business-critical application security all-year round. And the need to protect these systems is more urgent than ever before. Establish the right risk-based patch, code, and vulnerability management processes to stay ahead of cyber threats.
- Webinar: How to Secure Your Business-Critical SAP Applications Against Modern Ransomware
- Whitepaper: Mitigating the Threat of Ransomware to Business-Critical SAP Applications
- Whitepaper: 5 Reasons Why You Need Vulnerability Management for Business-Critical Applications