With businesses today relying almost completely on virtual operations, defending your business against cyberattacks and data breaches is critical to ensure your IT operations remain secure.
Security errors can be extremely costly for an organisation. According to IBM, the average cost of a data breach reached $4.35 million in 2022, presenting a 12.7% increase since 2020. The report also found that social engineering and compromised credentials were among the most common attack vectors.
Even more worrying is the fact that up to 60% of small businesses end up filing for bankruptcy within six months of suffering a data breach.
Some of the most common and potentially costly – yet avoidable – security errors that an IT team can make are covered in this article.
1. Failure to implement access controls
Failure to implement an effective user access control management policy may expose your applications, computers and networks to cyber risk. It makes it easier for hackers to take advantage of uncontrolled administrative privileges and to exploit desktops, laptops and servers.
Verizon’s Data Breach Investigation Report 2022 found that insider misuse is one of the most common incident classification patterns. This is closely linked to staff access to sensitive and valuable data. According to the report, 55% of all insider misuse incidents were the result of privilege abuse.
Organisations should have a robust use policy. You can set up permissions that limit what websites employees can access from company-issued devices, and control access from personal devices. Limiting administrative capabilities is also advisable; not every employee needs to have access to all the information and data your business stores. The fewer people who have access to sensitive information, the smaller the risk of a data breach.
2. Outdated software/systems updates and patch management
Outdated software and systems can contain known vulnerabilities that attackers can exploit to gain access to systems and data. Poor cybersecurity management can also allow systems to be infected by ransomware. Perpetrators usually threaten to delete important data, publish sensitive information or block access unless a ransom is paid.
Another common mistake is retaining laptops, desktops, servers and software for too long. Problems start when companies fail to plan and budget for hardware and software refresh cycles, often overestimating the length of time between upgrades; systems then begin to malfunction and software becomes obsolete. Computers, servers, routers and networking equipment that are used extensively in business every day only function at optimum performance and reliability for about three to four years.
Patch management is an essential part of cyber security. If IT teams don’t apply patches and updates in a timely manner, it can leave software and systems vulnerable to attack. When a new patch is released, organisations must apply it promptly because the vulnerability is then made public, giving cybercriminals the opportunity to exploit the weaknesses.
3. Insufficient data backup
A survey published in 2020 by Acronis revealed that only 15% of respondents confirmed they back up critical data multiple times a day. Only 26% back up data daily, whilst 28% of companies back up monthly. And 91% of individuals back up data and devices, but 68% still lose data due to accidental deletion, hardware or software failure, or an out-of-date backup.
Data loss and insufficient disaster recovery planning can lead to wasted time and costly legal consequences. It can also impact operations including lost partnerships and reputational damage.
4. Weak passwords
Another technique used by attackers involves guessing or cracking a password for an administrative user to gain access to a target machine. Failure to manage user access control may also lead to employees unwittingly or deliberately accessing and misusing data they shouldn’t be authorised to see.
Implement multi-factor authentication (MFA), which is a multi-step account login process that requires users to enter more information than just a password. For example, along with the password, users might be asked to enter a code sent to their email, answer a secret question, or scan a fingerprint.
5. Inadequate network security or misconfigured systems
Poor network security practices can lead to unauthorised access to sensitive data or systems, and can make it easy for attackers to intercept and steal data. IT teams may also misconfigure network devices, servers or applications, leaving them vulnerable to exploitation.
One of the biggest IT fails in 2022 was a data breach at T-Mobile, which saw 37 million people’s names, addresses and phone numbers stolen from the company’s servers. The hackers also stole internal documents that included information about a merger between Sprint and T-Mobile, which was supposed to be announced soon after the hack but never materialised due to the controversy. The hackers allegedly gained access using stolen credentials from an employee who worked at an unnamed vendor of T-Mobile’s customer support department.
6. Lack of encryption and phishing attacks
Failing to encrypt sensitive data or communications can leave organisations vulnerable to interception and data theft. An attacker targeting a specific company’s databases could go to LinkedIn and quickly find a few employees who are likely to have admin access to enterprise IT resources. A phishing campaign could then yield the information needed to get access to systems with sensitive data.
The vast majority of cyberattacks involve a phishing element, rather than hacking in the traditional sense. This is also why your team communications platforms tend to be one of the weakest points in your security environment.
Phishing emails work, which is why they are used so frequently by cybercriminals. They make you click a link, download a virus or enter personal details. Over the years, hackers have become more professional and sophisticated in their tactics, so the emails can look totally legitimate. Training employees to recognise a phishing attack is vital.
7. No firewall protection
A strong firewall is an important factor in cyber defence as it monitors your network traffic and protects it from viruses and malicious code. It can also stop users from accessing certain external sites. A weak, unmonitored firewall is not much use, so it needs to be maintained and monitored on a regular basis.
8. Insufficient staff training and education
It’s vital to have a security-aware corporate culture empowered by multiple layers of protection. All business communications should be closely monitored, while proactive measures like data loss prevention (DLP) and zero trust security (ZTS) greatly reduce the chances of a successful breach.
Employees who are not trained on how to identify and avoid phishing attacks or other social engineering tactics can inadvertently expose the organisation to cyberattacks. If IT teams fail to provide security awareness training to employees, it leaves them more susceptible to cyberattacks, such as phishing or spear-phishing.
How can you minimise these mistakes effectively?
- Implement multi-factor authentication and a strong password policy, ensuring user passwords are changed on a regular basis.
- Apply strict access controls so that only a limited number of authorised individuals can access applications, computers and networks.
- Keep multiple copies of the backup both locally and in the cloud for maximum resilience and disaster recovery if a fire, flood or disaster hits.
- Ensure your operating systems and applications are up to date.
- Beware of suspicious emails, links and attachments and ensure you conduct comprehensive penetration testing on a regular basis.
- Install anti-virus, anti-malware and anti-ransomware software while enabling automatic updates so your system is protected against malware and zero-day threats.
- Consider deploying an integrated cyber protection solution that combines backup, anti-ransomware, anti-virus, vulnerability assessment and patch management in a single solution.
How Securus can help
Good IT security planning mitigates the risk of making a mistake, and most of these mistakes are easy to avoid, with the right strategy in place.
At Securus, we help organisations protect their operations and intellectual property from increasingly malicious and complex cyberthreats. We work alongside our customers to provide advanced detection, incident response and recovery against emerging cybersecurity threats.
Our managed cybersecurity services are suited to any size of organisation, safeguarding them from the latest vulnerabilities. They are designed to be proactive, responsive and tailored to each customer’s needs.
Outsourcing to a managed IT provider like Securus, and having the support of an expert team for a fraction of the cost of internal IT staff, can save your business a significant amount of money each year, as well as confidently protecting your most vital assets.
Call us on 0345 128 3457 to find out more.