Introduction
Cyber-attacks have grown to become one of the greatest security threats there is for both businesses and the government over the last decade. The internet boasts of having over 300 million devices connected to it (Rubens, 2018). With the advancement in technology, the internet also provides several services that help businesses improve their performance such as cloud services. The internet has the allure for companies which seek to reap some benefits from this huge market. It also brings a fair share amount of risk (Rubens, 2018). Our company has recently fallen prey to a series of attacks and is an example of the constant threat of malicious attackers. Given the negative effects that these attacks pose to the survival of the business, more improved security procedures are required to prevent any future attacks.
Protecting the Company against Internal and External Attacks
Improving the overall security and protecting the network will require a number of measures and procedures to be implemented. These will also include other tools which will serve the same purpose. However, the first step to this process is to evaluate the security risks within the company and later on, consider those outside the company. As the frequency in cyber-attacks and data breaches continue to increase, it is important to consider both the internal and external risks. According to a 2016 Cyber Security Intelligence Index, IBM determined that over 60% of all attacks were carried out by company insiders (Guntipalli, 2018). These were individuals trusted by the company and used this and their clearance to access private information and facilitate attacks. These worrying statistics highlight the level of security that should be implemented to manage the internal threats along with the external ones.
Use your promo and get a custom paper on
"Cyberattacks And Protection Against Them".
Internal and External Threats
As outlined above, most of the threats originate internally. Various scholars have been noted to refer to the individuals using a network as the weakest link in the overall network. While machines and the network operate using predefined rules, humans can choose to overlook these rules. In doing so, we end up constituting a security risk. The most common attacks targeting employees are phishing attacks and social engineering where users are tricked into offering their login details (Guntipalli, 2018). Attackers can later use this information to access the company, for instance, by going through one’s emails and obtaining sensitive company information. In other cases, the employees might have malicious intent and either collude with attackers or steal the information themselves (Guntipalli, 2018). Some of the attacks include Denial of Service (DoS) Attacks, man in the middle attacks, and Distributed Denial of Service Attacks (DDoS). Since both can be involved in any specific attack, countering these attacks will require a number of measures which can all be combined alongside countering internal threats.
Tools and Measures Implemented to Secure Company’s Information
Evaluating the work practices and how information exchanges hands and is transferred within the network allowed for the development of these measures and the respective tools that will be utilized. Implementing standards which ensure that employees have to agree not to disclose intellectual assets even when they have left the company (Guntipalli, 2018). This agreement should be a binding one that ensures that the employee can be sued if they break the agreement. Next, the company should review its access rights and privileges within its network and the ones related to accessing files (Guntipalli, 2018). This will ensure that only authorized employees can access the information and when employment is terminated, privileges are immediately revoked. To prevent data from being intercepted between two offices, the company can invest in a virtual private network (VPN) with each having a firewall of its own. This will allow different offices to connect seamlessly, enhance security and also prevent malicious activity as the network can be monitored (Rubens, 2018).
Additionally, the firewall can be used to configure settings preventing employees from visiting malicious sites using the company’s computers (Rubens, 2018). Ensuring that data is also encrypted whenever it is written to the company’s files is also a plus as it creates an extra layer of security. The company can also set up rules to ensure that data which has not been scanned and encrypted cannot be stored on its file servers or the cloud, while data which has not been saved cannot be deleted. Other services such as anti-DDoS software can be deployed to handle such attacks, in addition to investing in antivirus software as an additional protective layer (Rubens, 2018). The establishment of controls is also advised as it will ensure that on certain occasions such as meetings and international seminars, vital information is not disclosed. Preventing employees from being able to copy company files to USB drives is also a necessity. All these measures prevent both internal and external threats.
Procedures during a Security Breach
While the above measures are effective, the procedures after the occurrence of a data breach determine the actions that will be taken afterward. The first step is to contain the situation and limit any further damage to the files or the network (Rhodes, n.d.). This is often coupled with the recovery of any lost data. Later, leads to investigating the breach are established. This will determine the extent and nature of the breach and provide a report to the respective stakeholders and/or specialists (Rhodes, n.d.). Once done, ensuring that any possibility of further data loss is mitigated and that the threat is completely removed. Once this is done, measures can be put in place to prevent any further risks that may come in the same way (Rhodes, n.d.). Additionally, the company can analyze the network and the files to determine any other risks of the same nature. In cases where the network is involved or was down, troubleshooting will be required. It is recommended that the company embraces a top-down approach (Goetz, n.d.). When using this approach, one would begin in the upper layers of the OSI stack. Testing the applications to ensure that they are working and doing the same until one reaches the physical layers of the OSI stack (Goetz, n.d.). Using the stack as a reference point will ensure that no points are left out while troubleshooting.
Conclusion
Managing both internal and external threats will allow the company to enhance its security and ensure better relations with their clients and stakeholders. However, as the forms of attacks get complex, these measures and procedures will require constant updates and analysis. Additionally, since no single security measure is foolproof, it is important for the company to have a security budget and ensure that constant checks are done to secure itself against the new threats since they are always new threats that are more advanced.
