
Communications of the ACM

BLOG@CACM

Cybersecurity Mistakes to Avoid at All Costs



With the rise of digital technology, online transactions, and remote work, cybercriminals constantly seek ways to exploit system weaknesses and gain unauthorized access to sensitive data. In this post, I will discuss the cybersecurity mistakes that I believe are the most critical among organizations and can lead to significant problems.

Lack of Encryption

Encrypting confidential data in order to avoid unauthorized access or misuse is of paramount importance. Sensitive data, such as credit card and social security numbers, is a high-priority target for nefarious cybercriminals. Failure to employ encryption methodologies can expose data to security breaches, leading to profound financial and reputational harm to an organization. Robust encryption algorithms, coupled with secure storage of the encryption keys, are critical to ensure data protection. Additionally, to maintain data integrity, it is imperative to implement encrypted data backups and recovery algorithms so that confidential information remains protected at all times.

Inadequate Access Controls

Many businesses move their data and infrastructure to the cloud. Cybercriminals use poorly configured cloud access controls to breach companies. About 75% of modern cyberattacks do not involve malware. Failing to manage and restrict access to sensitive data properly can have severe consequences. Ensuring that only authorized personnel have access to sensitive data is crucial. This can be accomplished through proper user authentication and access management policies. Group users by job role and responsibilities and assign access rights based on those roles. Use the least privilege approach and grant access to the minimum data necessary for a user to perform their job responsibilities. It is essential to review and adjust access rights periodically.
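The role-based, least-privilege review described above can be automated along these lines. This is an added example, not part of the original post; the role names, permission strings, user records, and the 90-day review interval are constructed assumptions.

```python
from datetime import date

# Constructed role catalogue: each job role maps to the minimum permissions it needs.
ROLE_PERMISSIONS = {
    "support": {"tickets:read", "tickets:write", "customers:read"},
    "billing": {"invoices:read", "invoices:write", "customers:read"},
    "analyst": {"reports:read"},
}

# Constructed snapshot of what each account can actually do today.
GRANTS = [
    {"user": "alice", "role": "support",
     "permissions": {"tickets:read", "tickets:write", "customers:read"},
     "last_reviewed": date(2024, 1, 10)},
    {"user": "bob", "role": "analyst",
     "permissions": {"reports:read", "invoices:write", "customers:read"},
     "last_reviewed": date(2023, 3, 2)},
    {"user": "carol", "role": "contractor",
     "permissions": {"tickets:read"},
     "last_reviewed": date(2024, 2, 1)},
]

def review_access(grants, roles, today, max_age_days=90):
    """Return one finding per least-privilege violation or overdue review."""
    findings = []
    for grant in grants:
        allowed = roles.get(grant["role"])
        if allowed is None:
            # The account is not tied to a defined role, so nothing justifies its access.
            findings.append((grant["user"], "unknown_role", sorted(grant["permissions"])))
            continue
        excess = grant["permissions"] - allowed
        if excess:
            findings.append((grant["user"], "excess_permissions", sorted(excess)))
        age = (today - grant["last_reviewed"]).days
        if age > max_age_days:
            findings.append((grant["user"], "review_overdue", age))
    return findings

if __name__ == "__main__":
    for finding in review_access(GRANTS, ROLE_PERMISSIONS, date(2024, 3, 1)):
        print(finding)
```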

Unsecured Devices

Today, employees rely on mobile devices, laptops, and other endpoints to complete their work from anywhere. However, failing to secure these devices properly can lead to data loss, theft, or unauthorized access. This risk is particularly heightened in the context of remote work, as devices are often used outside of the secure company network. To secure devices, it is crucial to implement a clear policy outlining acceptable use and all the security requirements. A Mobile Device Management (MDM) system should be in place to remotely manage and wipe devices if lost or stolen. User authentication should require strong passwords or biometric authentication, and multi-factor authentication can provide extra security. Network security controls such as firewalls should be used to prevent unauthorized access to corporate data, and employees should be encouraged to use secure Wi-Fi networks. Data Loss Prevention (DLP) tools can be used to prevent data transfer to personal devices.

Lack of Employee Training

Failing to educate employees on safe online practices and cybersecurity policies can increase the risk of human error and insider threats. Employees are often the weakest link in an organization's cybersecurity and can unknowingly cause significant problems. To prevent this mistake, it is important to provide regular cybersecurity training for employees. To make this training more effective, develop a comprehensive plan tailored to the organization's needs and make it mandatory. Use a wide variety of training methods, make training relevant, always test users' knowledge, and encourage leadership participation.

Poor Patch/Update Management

Neglecting to apply security updates in a timely fashion can result in systems being exposed to vulnerabilities, which in turn can compromise sensitive data. Security updates are frequently released to address known vulnerabilities, and a failure to act promptly can leave an organization vulnerable to a security breach. To prevent this error, it is vital to establish a regular patch management program that identifies required updates and applies them without delay. Begin by maintaining an updated inventory of all hardware and software assets. Place priority on critical updates and security patches and test them in a controlled environment to avoid unforeseen consequences. Automate the update process to ensure consistency. Establish maintenance windows to minimize the impact on users and business operations. Finally, monitor the status of updates and patches to ensure their successful deployment without any issues.
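The patch management steps above (inventory, prioritize by severity, test in a controlled environment, then deploy in a maintenance window) can be sketched as a planning routine. This is an added example, not part of the original post; the hosts, package names, versions, and advisories are constructed and hypothetical.

```python
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed asset inventory (hypothetical hosts and package names).
INVENTORY = [
    {"host": "web-01", "env": "production", "package": "webserver-x", "version": "3.0.7"},
    {"host": "web-stg", "env": "staging", "package": "webserver-x", "version": "3.0.7"},
    {"host": "db-01", "env": "production", "package": "dbengine-y", "version": "15.2"},
    {"host": "hr-laptop", "env": "production", "package": "officesuite-z", "version": "7.4.1"},
]

# Constructed advisories: first fixed version and severity per package.
ADVISORIES = [
    {"package": "webserver-x", "fixed_in": "3.0.8", "severity": "critical"},
    {"package": "dbengine-y", "fixed_in": "15.2", "severity": "high"},
    {"package": "officesuite-z", "fixed_in": "7.4.3", "severity": "medium"},
]

def parse_version(text):
    """Turn '3.0.10' into (3, 0, 10) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

def build_patch_plan(inventory, advisories, staging_passed):
    """Return (host, package, target, severity, action) tuples, most severe first."""
    plan = []
    for asset in inventory:
        for adv in advisories:
            if adv["package"] != asset["package"]:
                continue
            if parse_version(asset["version"]) >= parse_version(adv["fixed_in"]):
                continue  # already at or past the fixed version
            if asset["env"] == "staging":
                action = "patch_now"  # controlled environment goes first
            elif adv["package"] in staging_passed:
                action = "schedule_maintenance_window"
            else:
                action = "hold_until_staging_passes"
            plan.append((asset["host"], adv["package"], adv["fixed_in"],
                         adv["severity"], action))
    plan.sort(key=lambda item: (SEVERITY_RANK[item[3]], item[0]))
    return plan

if __name__ == "__main__":
    for row in build_patch_plan(INVENTORY, ADVISORIES, staging_passed={"webserver-x"}):
        print(row)
```

A package with no staging asset, such as `officesuite-z` here, stays on hold, which surfaces the gap in test coverage rather than hiding it.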

No Incident Response Plan

No one can be 100% secure. Incidents happen to organizations of all sizes, including those that spend millions on protection mechanisms. Failing to minimize an incident's impact is a severe mistake with no excuses. It is not hard to prepare an incident response plan (IRP) that outlines a set of procedures to be followed in the event of a security incident. An IRP helps to reduce the time it takes to detect and respond to a security breach. Start by defining the plan's scope and determining which types of incidents it should cover. Next, identify the cross-functional incident response team members who will be responsible for executing the IRP. Develop detailed procedures for each type of incident that the IRP will cover, including communication channels, roles and responsibilities, and steps to contain and remediate the incident. Regularly test the plan through tabletop exercises and simulations to identify weaknesses and ensure that team members are familiar with their roles.

Conclusion

Cybercrime is rapidly increasing; no organization wants to become a victim of a massive cyberattack like those suffered by Cisco or Adobe. However, with the emergence of more sophisticated attacks, it is no longer acceptable for businesses to make even minor cybersecurity-related mistakes. The consequences of such mistakes can be severe. Examples of other mistakes businesses should avoid include using weak passwords and failing to implement a backup system. The list of cybersecurity mistakes to avoid is extensive and requires constant attention and vigilance. Yes, it is hard to stay ahead of all cyber threats, but the field of cybersecurity is constantly evolving, and new technologies and strategies are emerging. As individuals and organizations embrace these innovations and adopt a continuous improvement mindset, the potential for making mistakes will decrease.

 

Alex Vakulov is a cybersecurity researcher with over 20 years of experience in malware analysis and strong malware removal skills.


 
