Forward Thinking: Cybersecurity Threats and Trends for 2020

As 2019 is rapidly coming to a close––and budgets are finalizing for the new year––it is time to look ahead and ensure that we are prepared for the ever-changing threat landscape and regulations around Cybersecurity. The past year was filled with the discovery of many new attack sources that will continue to be a greater area of concern in the coming year.

Free Tickets to the Super Bowl!

The greatest threat is still, and probably always will be, human error. From clicking on a link in a phishing email and entering credentials, to helping the friendly UPS man in the back door because his hands are full is the first step attackers are taking to access our data. Employees want to be helpful and never assume the worst in people.

Action Item: For the threat of social engineering, take a look at the results of your testing. What is the failure rate for your annual social engineering tests? Studies show that user behavior does not change when only tested and trained once per year. We highly recommend increasing the frequency of training and testing for your users to change their mindset around security for the new year.

Managed Service Providers

An emerging avenue that attackers are beginning to target is IT managed service providers and the tools they are using to access and work on systems. After all, they generally have administrative rights and direct access to your servers and databases to perform their job functions. The fact that it is an outsourced service and not within the physical walls of your organization often causes them to be overlooked. This is a very high risk area that I believe will grow as an attack point in 2020.

Action Item: When working with managed service providers, ensure that they go through the organizations vendor management process and their security documentation is gathered and reviewed by a security professional. You need to verify that their security practices are as stringent as yours internally, and if they aren’t, then you need to request that specific items are addressed before the contracts are signed. The other item you need to focus on are how and when they are accessing your internal systems. You should require a request and approval process, multi factor authentication, and have logs of all third-party activity.

Business Email Compromise - TURN ON MFA

Another attack that we are seeing more and more of is the compromise of business email accounts. I get it, remote access to email is important, whether you’re sitting at Thanksgiving needing a distraction from great Aunt Petunia going off about politics, or you need to catch up on work this weekend. Communication and access is important. With that access, comes more risk. You need to ensure the proper steps are taken to secure these accounts.

Action Item: Take a look at which users have remote access to email.  Do all of them need access? The first step is to minimize your footprint and ensure that only users who need access to email have access. Require employees with remote access to sign an acknowledge that they understand the additional risk that they are taking on, and list out best practices for usage. The most important step that we are recommending to all of our clients is if users do need remote access to email, ensure that multi-factor authentication is turned on and required.

Privacy: A little less security and a lot more regulation.

The number laws around privacy and their severity are drastically increasing in certain countries and states; it is only a matter of time before your business is required to comply. There is still a lot of uncertainty around what these new laws will hold and how they will affect different industries.

Action Item: We recommend that your organization take a proactive approach to these changes and take the first steps towards compliance. Identify specifically where all of your data lives, including internal storage and transfers, as well as third-parties that store your data. Create a detailed list and high level data flow diagram. Review your current privacy policies and ensure that they are up to date. For more information on how you can prepare for privacy and what these changes mean change out.

So what does this mean for my security?

The first step we always recommend is performing a risk assessment on the service or system to give insight on the potential impact and residual risk associated with that system. It will help you identify areas where controls can be added to further reduce the risk. After all, the risk assessment is designed to be a decision-making tool. Look at each of your systems and services, especially the ones above, and ensure that you have the proper controls in place to reduce risk to a level that your organization is comfortable with and willing to accept.