As companies grow, there is a greater possibility for a growing number of potential cyber attacks. 2018 has proven that even the biggest companies—and government entities— aren’t immune. In October alone, headlines noted the recent Google+ bug, which led to the social network’s closing, Facebook’s disclosure of both a software bug leading to 50 million users’ data potentially being compromised and its platform Whatsapp allowing hackers to access messages using your phone number.
October’s onslaught of cyber attacks weren’t targeted at companies alone. The U.S. Senate reported that the government did not have the proper protocols in place to manage their massive lists of vulnerabilities associated with critical weapon systems. The exposed vulnerabilities are wide-ranging in breadth, and the impact spans from hardware systems used to spy from nation-sponsored bad actors to user-based social platforms on a software level. The senate report also claims that isolated government employees tasked with remediation of critical systems are overwhelmed and do not know where to start on the remediation roadmap.
News coverage demonstrates that it’s time for big companies to realize that the greater your company becomes, the more complex cyber security and data privacy challenges get. There’s no singular approach to protecting your valuable assets; however, these three tips will help you reduce your company’s attack surface:
- As time goes by, neglected systems and platforms are ripe for growing lists of vulnerabilities. Identify your valuable assets and any systems that are not mission critical. These items should be decommissioned and taken offline immediately.
- Make sure the applications and platforms your company uses are tested regularly for security bugs that could lead to the loss of data. Be diligent in protecting the software and code that is in your environment. A good penetration test can help identify common ways applications lead to a data breach.
- Get ahead of your vulnerabilities before they snowball out of control. A vulnerability assessment is a great first step for companies looking to identify a potential attacker.
Remember, a smaller attack surface makes a company more binary when it comes to defending itself. It’s easier to deploy industry standard best practices or align to certain security frameworks. The technologies malicious actors deploy have evolved, but luckily some security protections have great techniques and technological advanced deterrents that can stop attacks before it’s too late.
To take the first step in determining how well-protected your critical information is from looming risks, take our Cyber Security Checkup. Or reach out to Friedman CyZen to learn more about ways your company can continue to grow and sleep better knowing that the risk of a cyber attack has been greatly reduced.
https://www.gao.gov/assets/700/694913.pdf - government weapons systems
https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom – supermicro espionage
https://www.cnn.com/2018/10/04/tech/facebook-hack-explainer/index.html - facebook bug, plus whatsapp vuln