Minding the gap: How to best assess and address cyber security cracks

Remote work is probably here to stay, at least in some form. Nearly three-quarters of employees surveyed say they want to keep a hybrid working approach as the pandemic subsides. 50% of Gartner survey respondents said they will continue to work remotely post COVID-19. 

As such, it’s critical for companies to secure security gaps, not only in the corporation but in micro-offices — employees’ homes. 

Cyber crooks don’t care about business size 

Regardless of whether your customer is a large corporation or a small- or medium-sized business (SMB), cyber attackers are gunning for them at a time when security should be top priority. Ransomware. Phishing/Smishing/Spear-Phishing. Advanced persistent threats. Denial-of-service (DoS) attacks. Businesses of all sizes have been forced to address a whole new ballgame of security threats. 

How are your customers investing in security? Are you offering ways to assess and help shore up those security gaps, whether in their offices or employees’ homes? 

Digging for your customers’ data 

Cyber criminals have upped their game and cannot be ignored. An IBM-Ponemon Institute study shows the average cost of a data breach is $3.86 million, with healthcare organisations being their number-one target. 

Regardless of your customers’ vertical, these criminals want your clients’ ultra-valuable, proprietary data that includes personally identifiable information (PII). To be sure, cybercriminals know no boundaries and are trying to get at it. 

So, let’s talk about helping your customers plug their leaks to better protect PII and other ultra-sensitive, proprietary information. 

Pointers for increasing security measures 

Your clients are only as secure as their weakest link. And with employees scattered, it can be downright difficult for them to stay cybersecure without proper safeguards in place. However, there are steps to help bolster security, whether staff works remote or in-office. This includes: 

• Limiting access to sensitive data as after all, there’s no need to provide more data than necessary — particularly information from highly privileged accounts. Remind them to keep those keys to the kingdom in their own pocket. 
• Employing multifactor authentication (MFA), as this extra level of protection helps thwart attacks. Whether fingerprint, recognition or another mode, MFA helps secure sensitive data, so, suggest that they implement it. 
• Defending against insider attacks as, sadly, intentional and unintentional threats are on the rise. Whether an employee is trying to sell company information on the darknet or inadvertently sends an email to the wrong recipient, this often-undetected threat is real. 
• Building an incident response team — even if they’ll never have to use it. It’s like insurance: we all buy it, wonder why we have it until the day comes when an accident occurs and we’re thankful for it. Having an incident response team at the ready can help mitigate security-related incidents. 

• Backing up systems and data so that if a breach occurs or information is wiped out, it’s easily accessible elsewhere. 

Challenges mount as threat landscape evolves 

Cyber criminals are everywhere and they don’t care if your clients employ 10 people or 10,000. They don’t care if employees work from home or in-office. Stolen data equates to money in criminals’ pockets. Remember, there are only two types of companies — those that have suffered a breach and those that will. 

The challenges facing companies with security teams and without are mounting as the threat landscape evolves due to the increasing sophistication of cyber-attackers. 

Arrow has cyber security specialists and a wide, deep line card of vendors and solutions, and can help you navigate a path to the answers for your customers. Our solutions fall into seven key pillars of security: 

1. Network security protects the perimeter yet permits secure access; 
2. Endpoint security protects every device and how it interacts with services and data; 
3. Identity and access management security makes sure authorised employees are the only ones who can access certain services; 
4. Content security ensures only safe inbound content makes its way into a company and protects corporate content from accidental or malicious threats; 
5. Security and vulnerability management provides overall security posture perspective to better enforce company-wide policies; 
6. Advanced threat protection detects and safeguards against the most sophisticated and prevalent persistent threats; and 
7. Automated security and monitoring solutions provide continual vigilance and automated response should an attack occur. 

Want to learn more? 

Learn more about how Arrow's security solutions can help you assess and address your customers’ security cracks or reach out to us to talk about it more.