Myth 1: cyber security is too complex and I can’t understand it.
Reality: you don’t need to be a technical expert to make informed cyber security decisions.
We make security decisions every day (for example, whether to set the alarm) without necessarily knowing how the alarm works. The board makes financial and risk decisions on a regular basis without having to know the details of every account or invoice. In the same way, the board should rely on its cyber security experts to provide the insight it needs to make informed decisions about cyber security.
Myth 2: cyber attacks are sophisticated and I can’t do anything to stop them.
Reality: adopting a methodical approach to cyber security and implementing relatively small changes can greatly reduce an organization’s risk.
The vast majority of attacks still rely on well-known techniques (for example, phishing emails) that can be defended against. Some threats are very sophisticated and use advanced methods to break into well-defended networks, but that level of commitment and expertise is usually seen only in nation-state attacks. Most organizations are unlikely to be the target of that kind of sustained effort, and even those that are will find that sophisticated attackers start with the simplest and cheapest option, so as to avoid exposing their advanced methods.
Myth 3: because cyber attacks are targeted, I am not at risk.
Reality: many cyber attacks are opportunistic, and any organization can be affected by these untargeted attacks.
Most cyber attacks are essentially indiscriminate and opportunistic. Attackers look for weaknesses (vulnerabilities) in a system regardless of who the system belongs to. These attacks can be as damaging as targeted ones; WannaCry’s impact on organizations worldwide – from shipping to the NHS – is a good example. If you are connected to the Internet, you are at risk. This trend of untargeted attacks is unlikely to change, because every organization – including yours – has some value to attackers, even if it is only the money you might pay in a ransomware attack.
How does a cyber attack work?
A good way to improve your understanding of cyber security is to look at examples of how cyber attacks work and what your organization can do to mitigate them. Looking at what is already happening in your own organization is a good starting point.
Generally speaking, a cyber attack has four stages:
Survey (reconnaissance) – investigating and analyzing available information about the target to identify potential vulnerabilities.
Delivery – getting to the point in the system from which an initial foothold can be gained.
Breach – exploiting a vulnerability to obtain some form of unauthorized access.
Impact – carrying out activities within the system to achieve the attacker’s goal.
Defending against cyber attacks
The key to understanding cyber security defenses is that they need to be layered and include a range of measures, from technical controls to user education to effective policies. The following infographic shows examples of defenses that will help an organization resist common cyber attacks.
Our section on implementing effective cyber security measures provides more detail, along with questions you can use to learn more about your own organization’s defenses.
In 2020, almost all work worldwide shifted to remote working, and infrastructure, applications and access controls changed almost overnight. Traditional security protection schemes therefore face the same huge challenge. At present, 99% of organizations use some form of public or private cloud, and the rate of cloud adoption is rapidly outpacing organizations’ ability to secure their cloud environments. This leaves organizations more exposed to threats, in particular attacks on remote workers as a route to confidential enterprise data.
Many companies face a growing cyber security skills gap, while ransomware, phishing and targeted attacks increase every year. Yet, because of heavy workloads and insufficient staff, many enterprises have not put cyber security protection on the agenda.
Even enterprises that have the means to set up a security team face the problem of finding nobody to staff it. Because of the shortage of qualified people, recruiting and retaining cyber security talent is a headache in every industry. To cope with the skills shortage, many enterprises can only outsource security functions to service providers or use managed security services.
However, without sufficient personnel and continuous monitoring, threats such as ransomware, phishing and unpatched vulnerabilities may still lead to incidents.
So how can an enterprise without a large security budget prevent security incidents?
At present, the most economical and effective approach is to make cyber security protection an important part of the enterprise’s internal training.
This is because the most common attack vector and entry point for attackers is the people in the enterprise: every member of staff.
Currently, ransomware and phishing are the biggest threats to most enterprises. Attackers mainly launch their attacks through phishing and social engineering. Even in a closely monitored environment, these types of attack remain a threat because they target weaknesses in human interaction rather than vulnerabilities in applications or devices. E-mail is one of the oldest network technologies still in use, and because many organizations have not taken appropriate measures against its potential threats, it remains one of the most prominent security issues.
Cyber security training is very important for improving employees’ security awareness. Most employees in an organization are unaware of cyber attacks and how to respond to them. The enterprise must therefore formulate clear policies on the use of office equipment and networks, and regularly conduct security awareness training so that its employees are familiar with the types of online fraud and know how to identify and report them, in order to avoid attacks by unknown software and phishing.