Thoughts from Coretelligent’s Chief Technology Officer, Chris Messer
IT is an ever-changing field, and the reality is IT isn’t top of mind with many of our clientele. Nor should it be. That’s our role – to come in, evaluate, update, remediate, and think proactively for growing businesses. That way, you have the time and resources to focus solely on your day to day operations.
Vulnerabilities, Everyone has Them
Your vulnerabilities are one of our top priorities. They can come in many different forms- from technical weaknesses, including issues with software and hardware or misconfigurations of systems, to human behavior and process-based vulnerabilities.
Believe it or not, risky user behaviors are some of the top vulnerabilities. With COVID and remote work, we’ve seen an uptick in phishing and malware related schemes. In general, attackers are trying to take advantage of people’s fear and uncertainty around COVID. In addition, Biotech firms are being targeted at a higher rate because of their COVID research.
We are also seeing account-based vulnerabilities, where attackers are using stolen passwords. Once they capture one user’s information, they compromise your email and then work their way through the organization. If we look at Marriott’s breach from February of this year, stolen credentials resulted in an attacker having access to the information of 5.2 million guests. It’s possible attackers obtained those credentials through phishing emails.
No matter what category a vulnerability falls under, it’s a weak point that cybercriminals can exploit. One vulnerability is all an attacker needs to breach your system. That’s why it’s critical to have risk and vulnerability programs in place.
How Should You Address These Vulnerabilities?
Every company should invest in a robust vulnerability management program. You need to have a foundation in place that incorporates procedures and policies that identify, evaluate, and address vulnerabilities. Although email and stolen credentials have been the two most common attack vectors, COVID and remote work have exacerbated these attacks.
In terms of email and phishing, remember if an email looks suspicious, it probably is. Businesses should have frequent and repeatable security awareness training in place to keep end-users up-to-date and aware of current threats. Conduct phishing campaigns to test or validate that awareness training is effective. Remind users not to provide their information, download attachments, click on links, or forward emails that could be malicious. If something feels off or looks strange about a vendor email or pop-up, trust your gut. Check with IT or your MSP before taking action.
With account-based threats, implement solutions like multi-factor authentication (MFA), which requires a code in addition to a password. If a user’s credentials become compromised, MFA could protect your company from a breach. Make sure users are adhering to corporate password policies. They should not be rotating or reusing passwords.
Businesses need to continually train and retrain employees on best practices and company policies. You need to continuously go through your vulnerability management program to identify and remediate issues. If you are interested in learning the more technical aspects of vulnerability management, check out our Vulnerability Management Guide: https://coretelligent.com/it-resources/guide-to-vulnerability-management/
Vulnerabilities: Why Care? Your Bottom Line.
There will always be new vulnerabilities that affect your systems. That’s why organizations must have a vulnerability management program that continuously addresses risks. When an attacker exploits your vulnerabilities, it affects your bottom line. A successful breach can cause data loss, monetary loss, loss of reputation, and possibly closure of your business.
Managing Vulnerabilities with White Glove IT
At Coretelligent, we understand that your time is valuable and best spent focusing on organizational objectives. Our job is to ensure that your IT solutions are proactively aligned with your current and future business goals. Vulnerability management is a constant process that requires regular maintenance and monitoring. That’s why we recommend CoreArmor in addition to remote support. CoreArmor provides the active monitoring and human analysis needed to continuously assess and treat vulnerabilities.