Build the cyber resilience you need to grow confidently
Over the last year, the world has witnessed a thriving cybercrime economy and the rapid rise of cybercrime services. While most industries shifted to remote work as a result of the pandemic, it created new attack surfaces for cybercriminals to exploit, such as home devices used for business purposes. There were three significant attacks in the first half of 2021: NOBELIUM (the SolarWinds supply chain attack), HAFNIUM (an on-premises Exchange server attack), and Colonial Pipeline (a ransomware attack).
The global market has grown in both complexity and ferocity. As cybercriminals continue — and even grow — in sophistication, we’ve seen the cyberattack landscape become more sophisticated.
Cybercriminals are targeting and attacking critical infrastructure across the board, including healthcare and public health, information technology (IT), financial services, and energy. Ransomware attacks are becoming more successful, crippling governments and businesses, and profits are skyrocketing as a result.
The state of cybercrime
COVID-19 has cast an uncomfortably bright light on the global state of cybersecurity. As early as March 2021, the pandemic resulted in:
- Increased security risk from remote working
- Delayed cyber-attack detection and response
- Gaps in physical and information security
- An influx of cybercriminals
Way forward to SECURE your BUISNESS
The way forward we recommend for our customers is by getting started with a Zero Trust approach . The Zero Trust approach means we don’t assume any identity or device on our network is secure — we continually verify it. Zero Trust assists us in striking a balance in ensuring that employees can be productive, secure, and healthy outside of the corporate network, whether at home, the office, or anywhere in between.
Principals of the ZERO TRUST approach
· Verify explicitly
Authentication and authorization should always be based on all available data points, such as user identity, location, device health, service or workload, data classification, and anomalies.
· Use least privileged access
To help secure both data and productivity, limit user access with just-in-time and just-enough-access (JIT/JEA), risk-based adaptive policies, and data protection.
· Assume breach
Reduce the blast radius and segment access. Verify end-to-end encryption and use analytics to gain visibility, detect threats, and improve defenses.
If you wish to find out how you can adopt a ZERO TRUST approach to your organization, get in touch with us on www.johnkeellsit.com
Let’s all work together and find new ways to protect the planet’s cybersecurity.
Useful information and trainings from our partners :
New security insights in the age of hybrid work : https://www.microsoft.com/en-us/securitynow/?p=37
How cyberattacks are changing according to the new Microsoft Digital Defense Report : https://www.microsoft.com/en-us/securitynow/?p=510
Taking cyber risk management to the next level : https://www2.deloitte.com/lk/en/pages/risk/articles/taking-cyber-risk-management-to-the-next-level.html
Future of cyber : https://www2.deloitte.com/global/en/pages/about-deloitte/articles/gx-future-of-cyber.html
Business security training to BeCyberSmart : https://www.microsoft.com/en-us/store/workshops-training-and-events/detail/learn-to-be-cyber-smart-with-microsoft-security-foundations?program=Professionals&src=results&pos=0
