One of the important aspects of creating effective security is to make an assessment about what assets need most protection. This is a multi-faceted endeavour, as this blog article will line out.
Implementing cybersecurity in a company isn’t always that easy . One of the important aspects is to make an assessment about what assets need most protection – the crown jewels, if you will. Those exist on several conceptual levels. The systems that and organization needs to stay operational certainly can be considered crown jewels. If certain systems or services become unavailable for any reason, and that outage has a fundamental impact on the company’s revenue stream, you have successfully identified the operational crown jewels of the company. Then there are still crown jewels at the data level. Any data, be it employee or customer data, trade secrets or any other piece of data can be critical. The rule of thumb here is: If the information is important for the company, and the loss of said data impacts the operation and especially the reputation, then you have identified a crown jewel and also what cybercriminals are likely to be after.
So you have to ask yourself a couple of questions:
By identifying your crown jewels, you will be able to accurately address the threats the organization or company is facing. Finding out your most important assets will also help point the way to a good security strategy and incident response plan. By this you will be able to create a strategy to protect your crown jewels. Without this step, you cannot possibly come up with a viable strategy. If you have no idea what to protect, then you also will have no way of knowing how to protect it, whatever “it” is.
Trust and reputation are among the most important intangible assets for a company. Both aspects are part of hat helps establish good customer relations, and also boost customer loyalty. A successful cyber attacks cane become the undoing of that trust which has often been built over several years, if not decades. This is all the more true if customer data is being accessed by criminals.
Leaked and stolen credentials pose a critical risk to organizations everywhere. More than 60% of breaches involve compromised credentials. Every year millions of credentials appear on the dark web and in data dumps shared by cybercriminals. Cybercriminals purchase credentials from these sources, often in bulk, to gain a foothold into a lot of company networks in order to do account takeover attacksor exfiltratedata and much more. Herein lies the rub: once a set of credentials was stolen, it is hardly being noticed, unless someone with no authorization starts doing very noticeable, “loud” things. Otherwise, it flies completely under the radar. For this reason, the term “data theft” is also a misnomer, because unlike physical, tangible objects, that can be stolen, resulting in you not having access to it anymore (e.g. your wallet or your phone), a “stolen” password remains in the original owner’s possession and they can still use it as usual. Just like a case where a criminal quickly makes an impression of someone’s house key in order to fashion their own, the owner of that key will be none the wiser. Just as you would replace a lock if your keys have been stolen, you can always reset passwords for leaked credentials. This isn’t too difficult. However, trying to discover in a timely fashion when leaked credentials appear somewhere they do not belong, such as a dark web market platform, is a much bigger problem. Unable to monitor in real-time for sensitive information on their own, companies are left exposed to financial, possibly legal, and also reputational consequences. The dark web is where cybercriminals sell company data. Ransomware groups can even buy direct access to pre-compromised corporate networks.
A good security solution is an important tool to protect your company against all these threats. After all, a lot of the leaked information is coming from backdoors, RATs (Remote Administration/Access Tools) and spyware. As a lot of leaked information is also coming from combined social engineering attacks, you shouldn’t forget to use security awareness trainings to improve the security awareness for your employees.
Another good way to tackle leaked credentials is multifactor authentication (MFA) which adds a layer of protection to the sign-in process. When accessing accounts users provide additional identity verification for instance by scanning a fingerprint or entering a special code received by phone. This way leaked credentials needn’t to be always a big problem. At least use MFA in a strict way:
But there is always more an ‘advanced’ IT security team inside a big company can do: