Awareness of the threat cyberattacks pose to organizations has grown exponentially in recent years, due to very public attacks on businesses and governments. Each year the World Economic Forum, an international organization committed to improving the state of the world, surveys its members to compile a report on the worst threats facing countries around the world, said Sinisha Erceg, Security Field Solutions Architect for CDW Canada. In 2019, cyberattacks appeared on the Global Risks Report, alongside natural disasters, weapons of mass destruction and water shortages.
In a presentation at CDW’s annual Business Technology Expo (BTEX) in Toronto this month, Erceg noted that despite the rising overall awareness of the cyberattack threat, many organizations still don’t understand the sophistication of today’s attacks, or don’t have good visibility into their own networks.
“There’s a conundrum because the IT team knows they need to address external threats, but they’re also facing the pressure of leading new projects and moving the business forward,” he said. “Some organizations are moving ahead too quickly and forgetting about the security side.”
For instance, 42 percent of organizations still don’t have a threat intelligence program in place. “You need to have a robust threat intelligence community and a threat intelligence program,” he said. “It won’t only help your organization, but it will also help other companies looking to secure their networks.”
Erceg cited eight common challenges CDW comes across as it helps Canadian organizations deal with today’s threat environment:
• Ineffective malware protection – It may seem surprising, but many companies either have noprotection or ineffective malware protection in place. Industry-standard solutions are a requirement to deal with today’s complex threats.
• Lack of multifactor authentication (MFA) – MFA isn’t just for virtual private networks any more, Erceg noted. It’s ideal for any organization trying to protect important information and it’s easy to deploy.
• Ineffective logging — Companies sometimes call CDW after they’ve been hacked, looking for a tool that can undo everything, Erceg said. Unfortunately,that tool doesn’t exist. But to start a forensics investigation and figure out what went wrong, companies need to have the visibility into their network that a logging tool provides. A Security Information and Event Management (SIEM) solution is ideal, but even something as simple as a syslog server can help.
• No disaster recovery plan — Companies need to have a plan in place in the event an IT security incident occurs. And they need to have a dedicated incident response team that includes members from across all the business units and management. The plan also needs to be practiced, so everyone knows exactly what needs to happen in the event of a real cyberattack.
• Lack of security awareness — No organization will ever achieve 100 percent security awareness with its employees, but IT teams can highlight areas of trouble, such as particular users or departments, then apply controls for additional security.
• No inventory management — If a company doesn’t know what its assets are, it can’t protect them. IT teams need to track assets, changes and unsanctioned applications, map applications to devices and devices to users.
• No data classification — Companies need to know what data they have, who owns it, what kind of usage it sees and what data retention policies are in place. Then they can understand how to properly manage that data and apply the appropriate levels of security to it.
• No network segmentation — Network segmentation is important in isolating and containing attacks and protecting sensitive data. It allows organizations to focus their efforts on the critical points in their network.
For organizations looking to improve their security posture, Erceg said CDW Canada offers a free assessment tool called Threat Check that includes engines from Carbon Black, Tenable, Cisco and Splunk. CDW Canada places Threat Check on a customer’s core switch for two-and-a-half weeks, where it monitors incoming and outgoing traffic. CDW Canada’s security team then compiles an approximately 60-page report. “It gives us insight into what’s happening in the network,” Erceg explained. “It’s a great first step in helping customers be better prepared for today’s complex threats.”
Please bookmark this page for more coverage of BTEX 2019.