The pointy end in a cybersecurity strategy

By Aaron Bugal, Global Solutions Engineer at Sophos


Endpoints are everywhere—computers and laptops, smartphones, tablets, printers and smart home devices. On one hand, this ever-growing connectivity is delivering operational efficiencies for businesses and unprecedented convenience for consumers. On the other, the increase in endpoints gives cybercriminals more potential points of entry, meaning organisations must up their endpoint security game.

More than two-thirds of organisations were hit by a cyberattack in the last year, with larger organisations slightly more susceptible than smaller ones. Of course, these are just the attacks that organisations have discovered (and admitted to). The actual number could be much higher. Given this, every organisation should assume it will be the victim of a cyberattack when planning and evaluating its security strategy.

Get prepared with the right strategy

The key to effectively managing an organisation’s cybersecurity is having a comprehensive, defence-in-depth strategy that uses layers of overlapping protection. This strategy should be regularly reviewed and amended to reflect the ever-changing threat landscape, for example the rise in endpoints and changes in cybercriminals’ favoured entry points. Organisations should keep their finger on the pulse when it comes to cybersecurity, monitoring for changes in the market and making necessary updates that reflect the market’s current standing.

Once a strategy has been developed, a review process should be put in place for when a breach occurs. This process should aim to determine how, when and where the attacker was able to gain access, as well as identify their movements. For example, the attacker may have entered via someone’s smartphone and moved laterally throughout the network to reach the server. Once it is determined how the attacker gained access, necessary steps should be taken to prevent similar incidents from occurring, including updating security infrastructure and reminding employees about safety precautions. This is important because the fact that a cybercriminal has attacked a business once doesn’t mean they won’t target that organisation again.

From the endpoint to the network – visibility is key

With modern attacks often beginning at endpoints, IT teams should be looking to gain more visibility from the endpoint to the network. Research has revealed that in Australia, it took on average 10 hours for organisations to discover their most significant attack in the past year. Without visibility into endpoints, security strategies are likely being developed without the “full picture”, and decisions are being made with only partial information at hand. For organisations to gain an understanding of the full picture, they must be able to access all the information. If an organisation is unable to do this, it should consider investing in technology that provides the IT team with this capability.

Endpoints are often the access point cybercriminals use to enter the network before moving laterally, potentially to the server, which is a gold mine for bad actors. Securing them should therefore be a priority for every organisation, large or small. It’s imperative for organisations to put infrastructure in place that helps defend against these attacks and protect the endpoints, while also preparing for the day a cyberattack does occur.
