It’s Raining Malware: Understanding and Protecting Against Today’s Threats
… hackers to gain access. Additionally, IT teams should develop and implement security policies and guidelines for BYOD requiring the correct security software to be installed on each device and ensuring updates to the latest operating systems are made consistently. Home router setups together with the general insecurities outside of the office need to be considered as part of a full review into the new norm.
Creating a Cyber-Aware Culture
Organisations of all sizes have to accept they aren’t immune to cyberattacks, that the latest technologies don’t safeguard all operations and breaches are inevitable. However, with a cyber-resilience strategy, the right technology and security protocols in place and an educated workforce, businesses can considerably reduce risk and bounce back, even if data or operations are affected.
Security awareness training programmes offer regular, consistent and up-to-date education to help employees remain ahead of potential threats and learn how to spot and act upon any suspicious activity. By undertaking training campaigns covering essential topics, including phishing simulations, social-engineered attacks and password hygiene, organisations can gain insight into their internal systems and employee weak points to help aid proper prevention. Businesses also need to prioritise consistent communications to employees, reminding them of the threats to watch for and that cybersecurity is an organisational priority. Content to employees should be tailored to their level of familiarity with cybersecurity to ensure actionable takeaways and advice are easy to identify and incorporated into their daily routines.
The Role of MSPs
Many small businesses and organisations often struggle with a lack of IT resources or personnel. By leaning on or investing in a managed service provider (MSP), organisations can adopt the best cybersecurity practices custom-fitted to their IT environments and those of the clients they serve.
MSPs offer immense value to small and medium-sized businesses (SMBs) by helping them to implement essential tools, strategies, technical expertise and support to keep data and employees secure. MSPs must take a proactive role in understanding the current state of a customer’s ability to protect against, prevent, detect and respond to modern cyberthreats when recommending the best approaches to combat modern malware and being cyber resilient. By building an offering that aligns with varying levels of cyberawareness and resilience, MSPs can help SMB IT and cybersecurity modernisation efforts at every step of the way.
With malware constantly evolving as a pivotal attack vector, it’s time for cybersecurity to become embedded in the DNA of every business to protect assets and reputation. Companies must take a more comprehensive approach toward security to address the threats posed by malware, including monthly security education, enhanced collaboration between teams, and teaming with the right MSP to help create a secure business approach to malware. Having a multilayered security strategy allows businesses to be cyber resilient, even in the face of continued COVID-19-related disruption and evolving malware threats.
Daniel Warelow is a product manager at Giacom. His role includes conducting market research; vendor on-boarding and in-life product management; generating product requirements; determining specifications, pricing and time-integrated plans for product introduction. You may follow him on LinkedIn or @GiacomCM on Twitter.
Kelvin Murray is senior threat researcher at Webroot, and previously was a threat researcher in its EMEA division for four years. You may follow him on LinkedIn or @Webroot on Twitter.
- Page 1
- Page 2
“Without understanding malware – what it is, how it works and the damage it can do to businesses ” That’s very much the approach we took to our latest videos. Explaining how a Phishing Attack is carried out https://youtu.sbe/t0epM7qVy9o and how criminals put together a Spear Phishing attack (release date 03/03/21 https://youtu.be/zZwMGd16-TI )
Malware keeps developing and there’s nothing we can do about it. Protection for everyone is difficult if the evil itself keeps rising. Good post.