Businesses are constantly faced with new, more advanced cyberattacks. Unfortunately, it has become a matter of when, rather than if, your business network will be breached by a cyberthreat.
A recent independent survey from Sophos (7 Uncomfortable Truths of Endpoint Security) has shown that 68% of organisations say they were hit by a cyberattack in the last year. Out of 200 companies in South Africa surveyed by Sophos, 69% fell victim to a cyberattack last year.
Unlike lightning, cyberthreats strike twice: most organisations fell victim to an average of two incidents. This shows that many companies might have ongoing, exploitable weaknesses in their defences.
1. Servers are the perfect staging ground
Even though IT administrators don’t consider servers high-risk because users don’t log into them, most threats (36.7%) are found on the server. This suggests that organisations are not catching threats earlier in the cyberattack, pointing to a lack of visibility and endpoint security gaps. For most businesses, attacks on servers have the biggest impact on the organisation.
The best solution to protect your servers is a firewall, but not just any firewall will do. You need a server firewall that is synchronised with the rest of your network to ensure that any threats or suspicious activity can be addressed immediately.
It is important that your firewall solution offers a control centre that integrates your network, users and applications so you always have full visibility of your network. Some firewall vendors provide automatic threat response that immediately identifies and isolates compromised systems to stop threats from spreading, which gives your IT team more time to resolve the threat.
2. Nearly one in 10 threats are discovered on mobile devices
It’s no longer enough to secure your network devices; mobile phones and tablets are a significant danger. Businesses must ensure that all devices with access to corporate information are properly secured, even if employees only use their devices to check emails when they’re out of the office.
Most companies these days have security software installed on their network devices, but employees’ personal devices are often overlooked (even though they often have access to the same network with all your business data). It is also important to create guest networks for Wi-Fi access, which will prevent any infected devices from threatening your business data.
You can minimise this risk with a Unified Endpoint Management (UEM) and Mobile Threat Defence (MTD) solution, which will allow you to manage all mobile endpoints on your network. Some vendors also offer the option to manage all your security products from a centralised interface and console to take some of the strain off your IT team.
3. All the dwell time in the world
Companies were asked how long it took to discover the most significant cyberattack in the last year and, for those that knew the answer, the average was 13 hours. This is more than enough time for hackers to extract sensitive data, steal credentials, install money-stealing Trojans, install ransomware, and more.
The dwell time varies from country to country. South Africa was near the end of the spectrum, taking up to 16 hours to discover threats. Although 16 hours is a long time, this is a best-case scenario because other research, like the Verizon Data Breach Investigations Report, states that 68% of data breaches can take several months or more to discover.
To identify threats as quickly as possible, you need an endpoint detection and response (EDR) solution that identifies suspicious events in real time on all your network devices. If organisations have effective tools in place to identify what is suspicious, they can focus their limited IT support resources in the right places to stop cyberthreats.
Ultimately, protecting your business network from cyberattacks comes down to the details. You need to ensure that all devices, endpoints and vulnerabilities are monitored around the clock. It can seem an impossible task unless you have a comprehensive cybersecurity solution that gives you an overview of the entire business network and offers a real-time response to cyberthreats.
This article was published in partnership with Duxbury Networking.