Ransomware continues to represent the biggest threat to cyber securiy and, during the pandemic, the number of attacks has increased dramatically. During 2020, the situation was dominated by the Emotet malware programme: it enables a cascade-like spread of the malware within a network, gradually infecting all existing systems in order to subsequently encrypt the data and extort a ransom. One of the measures to protect against this threat is network segmentation: the use of IoT gateways is ideal for a fast and efficient separation of networks, because they can protect each segment without changing the structure of the network itself. In addition, modern gateways are equipped with state-of-the-art security features that defend against multiple types of threats.
Strengthening digital defence: tips for improved IT security in 2021
Cyber risks will continue to shape the daily lives of businesses this year. Here are some measures companies can use to strengthen their digital defences.
For businesses all around the world, 2020 was the year of a powerful digitalisation push, but at the same time, it brought to light the agility with which cyber criminals react to current issues and trends. This year, Covid-19 and the resulting cyber risks will continue to shape the daily lives of businesses. By observing the following measures, companies can strengthen their digital defences:
1. Network segmentation
2. Secure authorization
Advancing digitisation and more smart working employees are causing an increasing fragmentation of companies' IT environments: more and more devices and external users require stable access to company resources. Therefore, IT administrators need a central tool through which they can manage all access, allowing them to grant and revoke granular rights and permissions for individual users or groups of users in real time. In addition, it is useful to establish rules that define where and when access is permitted: for example, you may decide to allow access to resources only during working hours and from the office, or from the employee's workstation; or, you may prevent access from a country where the company does not have a branch office.
3. Two-factor authentication
Weak passwords still represent a major security risk. If you take a look at the statistics of the top twenty most used passwords, you can easily realise the dimension of the problem: simple alphanumeric strings can be cracked in a few seconds with a Brute Force attack. Especially in light of the new smart working trend, companies should take a step further and rely on two-factor authentication for the remote access of their employees: by activating this procedure, another factor is added to the login process, which represents an additional barrier for cyber criminals. The most common two-factor authentication is the "possession component", i.e. the user must have a specific device, such as their smartphone, to which a time-limited password is sent.
4. Raising employees’ awareness
Hackers are increasingly exploiting the weaknesses of humans and easily send their malware by email. Smart working, insecurity, as well as constantly changing regulations to combat the pandemic make phishing attacks even more effective. For example, e-mails that are supposed to contain important information are sent, and as soon as the recipient clicks on a link or an attachment file, a malware is installed on their device. Social engineering attacks have also increased: here, cybercriminals contact targeted employees to obtain sensitive information or convince them to transfer money. Smart workers do not have the opportunity to quickly discuss the matter with a colleague and are therefore even easier to attack. Companies should raise their employees’ awareness of the various risks and prepare appropriate interventions.
5. Network management
Networks are becoming increasingly complex. With the help of network visualisation tools, administrators can get a complete overview. Visualization makes it possible for them to understand which sensors, devices and people communicate with each other within the company network and which systems they have contact with, beyond the company's boundaries. In monitored networks, suspicious behaviour and communication anomalies can be detected quickly, giving companies the opportunity to spot cyber attacks before major damage occurs.
6. Business Continuity Management
No measure guarantees 100% protection against cyber attacks. Companies must be aware that even with conscientious precautions, there is always a residual risk. Hackers know how to skilfully exploit vulnerabilities and current trends to their own advantage and are often one step ahead of companies. It is therefore advisable to develop an IT contingency plan that ensures continuity of business operations in the event of an emergency.
Endian Antivirus Powered by Bitdefender
Bitdefender is a global cybersecurity leader protecting over 500 million systems in more than 150 countries. It is one of the most popular brands in the Antimalware market and has provided almost 100% detection rate since 2011 that have been proved by AV-Test and AV Comparatives.
Endian achieves IEC 62443 Certification
Endian is proud to announce that the Secure Digital Platform (Switchboard and 4i Edge X) are IEC 62443 certified for both 62443-3-3 (System Security) and 62443-4-2 (Component Security) at SL2 security level. This certification ensures that customers using the Endian Secure Digital Platform are able to meet or exceed the industry standard for industrial and automation cybersecurity.
Endian UTM Hardware Appliance
A complete range of specifically designed appliances integrating our UTM software for the security needs of everyone, from branch offices and industrial facilities to large networks.
Endian 4i Industrial IoT Security Gateways
The Endian 4i Edge series brings an unparalleled level of hardware performance and features to the Industrial Internet Security and Industrial VPN router market.