Reconnecting knowledge to action: How to better prepare for attacks

Australians faced a number of challenges in 2022, from devastating and catastrophic weather incidents to rising inflation and the continuing effects of the pandemic on business and society. Most recently, an overriding threat of cyber-attacks is foremost on people’s minds.

Some of the nation’s largest corporations experienced very harmful cyber-security breaches, and disconcerting research shows that while business leaders have a solid understanding of how to limit breaches, their knowledge is not necessarily being followed through with action.

Ivanti surveyed 650 office workers, cybersecurity practitioners and leaders to understand how employee behaviour impacts a firm’s security posture. The study highlights the problems faced by security teams inside businesses whose leaders say the right things about taking action, increasing budgets and training staff, yet aren’t following best practice themselves.

How can businesses better prepare for cyberattacks?

Business leaders need to take heed. It is those wide gaps between executive talk and hands-on action where cyber criminals find their way in to steal data and jeopardise the privacy of users and, in the recent high-profile breaches, millions of clients. Internally, employees are also left feeling uncertain, unmotivated and lacking awareness of the impact of their actions.

Encourage action

While 88% of Aussie business leaders and 87% of workers say that they feel prepared to recognise and report threats such as malware or phishing on the job, 80% of office workers have NEVER contacted a cybersecurity officer at work with a security question or concern.

It is vital to encourage employees, at every level, to report anything they feel is suspicious. It’s also important to try to simplify processes, given that 50% of office workers and 100% of business leaders consider reporting processes for phishing too complicated.

Educate

From C-suite executives to workers at associate and entry level, a proper understanding of the impact of ransomware attacks is vital. Cyberattacks are getting more sophisticated when pre-meditated, and more damaging when executed by professional and amateur hackers.

This is the reality of an evolving threatscape, where there is a longer dwell time, less trackable pattern recognition and more erratic encryption. If every person in a business understands the implications of an attack, they will take some personal responsibility.

Empower employees

Employee empowerment is critical to the success of cybersecurity efforts. Only 29% of office workers believe their actions are impactful or helpful for their firm to stay safe from attacks, so there needs to be a concerted effort to engage with employees at every level to help them appreciate how vital their actions are to the overall security efforts of the business.

Focus on their everyday online lives to help wipe out bad cybersecurity practices, such as password sharing. A huge 67% of workers have shared their password with a spouse or partner, 24% have shared a password with a child and 21% have shared with a friend.

Adopt a risk-based approach

Information Technology and security teams should adopt a risk-based approach to vulnerability management (RBVM) to better defend against ransomware and other threats.

This can include leveraging automation technologies that can correlate data from diverse sources such as network scanners and internal and external vulnerability databases. This can help to measure risk, provide early warning of weaponisation and prioritise remediation activities.

Update your training plan

It is vital to regularly revisit cybersecurity training. While 98% of business leaders state that their firm provides mandatory cybersecurity training, only 38% of workers said that those training sessions were helpful. Now is the time to re-ignite interest and re-set training standards, given that the average Aussie executive identifies 7.5 phishing emails per week!

Patch. Patch. Patch

The single best thing businesses can do to protect themselves against cyberattacks is to patch. Patch, patch, patch! Patch using a risk-based vulnerability management (RBVM) approach, so that the most important vulnerabilities are identified and prioritised. An RBVM approach that leverages machine learning (ML) and artificial intelligence (AI) can help identify, prioritise and patch critical vulnerabilities while also alleviating the burden of repeatable tasks.
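A sketch of the risk-based prioritisation described in the two RBVM passages above, as an added example that is not from the article or from any Ivanti product: it correlates scanner findings with a vulnerability database, a weaponisation feed and asset criticality to order the patch queue. All hosts, vulnerability ids, scores and the weighting formula are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample data: scanner findings as (host, vulnerability id).
SCAN_FINDINGS = [
    ("web-01", "VULN-A"), ("web-01", "VULN-B"),
    ("hr-laptop-07", "VULN-A"), ("db-01", "VULN-C"), ("db-01", "VULN-D"),
]
# Constructed vulnerability database: base severity on a 0-10 scale.
VULN_DB = {"VULN-A": 9.8, "VULN-B": 5.3, "VULN-C": 7.5}
# Constructed threat feed: ids with exploitation observed ("weaponised").
WEAPONISED = {"VULN-C"}
# Constructed asset inventory: business criticality 1 (low) to 5 (highest).
ASSET_CRITICALITY = {"web-01": 4, "db-01": 5, "hr-laptop-07": 2}


@dataclass
class Ranked:
    host: str
    vuln: str
    risk: float
    early_warning: bool  # True when the threat feed reports weaponisation


def risk_score(severity, weaponised, criticality):
    """Hypothetical weighting: severity x criticality, doubled if weaponised."""
    return min(severity * criticality * (2.0 if weaponised else 1.0), 100.0)


def prioritise(findings=SCAN_FINDINGS):
    """Return (ranked findings, findings with no database entry)."""
    ranked, unknown = [], []
    for host, vuln in findings:
        if vuln not in VULN_DB:
            unknown.append((host, vuln))  # no intel: triage by hand, never drop
            continue
        weaponised = vuln in WEAPONISED
        crit = ASSET_CRITICALITY.get(host, 3)  # unlisted asset: assume medium
        score = risk_score(VULN_DB[vuln], weaponised, crit)
        ranked.append(Ranked(host, vuln, score, weaponised))
    ranked.sort(key=lambda r: (-r.risk, r.host, r.vuln))
    return ranked, unknown


if __name__ == "__main__":
    queue, unscored = prioritise()
    for item in queue:
        print(item)
    print("needs manual triage:", unscored)
```

With this data the 7.5-severity weaponised finding on the most critical host outranks the 9.8-severity finding that has no exploitation signal, which is the difference between risk-based ordering and sorting by severity alone.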

Solutions that avert disaster

Where possible it makes sense to use hyperautomation tech like Ivanti’s Neurons Platform so devices can self-heal and self-secure and issues can be remediated before there’s any impact on systems or employee productivity. Ivanti believes that while the IT services industry has long been focused on enabling businesses to perform at their best, now more than ever the focus must be equally combined with security capabilities across all product lines.

Ivanti Neurons products such as Zero Trust Access, Secure Access and Patch Management work individually and together as pieces of a business’s information technology (IT) systems plan to enable digital transformation and ensure exceptional and secure employee workflow. A comprehensive approach is what the best IT providers will offer to assist in averting disaster and keeping productivity on track, rather than vulnerable to a hack.

Finally, remember that everyone has a part to play. It is essential that we all adopt a mindset that we form a crucial part of preventing ransomware attacks. Centralising the employee experience with an integrated ITSM platform can help to improve the employee experience of technology across business functions through streamlining the reporting process and response time and reducing downtime or interruptions to productivity.

For businesses large and small, prioritising the digital employee experience in the cybersecurity strategy, to educate, engage and empower employees will help to close the gap between knowledge and action and help strengthen cybersecurity preparedness.

Michael Waring, Vice President Security and UEM Solutions for APJ at Ivanti.