We talk with many company leaders who have implemented the fundamentals of cyber security but still feel unprepared to face today's cyber attacks.
Anti-virus, anti-malware, firewall, data backups, phishing awareness education for employees, and encryption of sensitive data are often deployed and managed in-house or by a managed I.T. services provider. The importance of these I.T. security fundamentals is indisputable—but a majority of breaches happen behind the firewall.
Breaches that are triggered by employee activity—clicking harmful links, downloading disguised files, joining a compromised device from home to a company network—can occur even with all of the fundamentals in place. We see around 20% of users fall victim to a first-time simulated phishing test (40 employees in a company of 200, for context).
Managed security services that include SIEM, HIDS, NIDS, and trained analysts can catch anomalous network activity that cyber security basics can't. Here are 12 signs your company may be ready to move to the next level of protection and prevention.
12 Signs You're Outgrowing Your Current Cyber Security Solution
1. You're unsure what would happen if one of your employees clicked on a phishing email.
From ongoing preventive education to detection to incident response, a number of cyber security services must be in place to guard your greatest vulnerability: your employees. If you're unsure how your company would deal with a phishing email click or malicious file download (reported and unreported), it's time to closely examine your cyber security policy and solution.
2. An alarming number of hours (employee or MSP support) are being devoted to managing your current cyber security solution (or lack thereof).
Managing false positives can be one of the greatest difficulties faced by in-house or inexperienced teams attempting to monitor network activity. If there is too much information to sort through in a reasonable amount of time and manpower, it is likely that the monitoring software isn't able to learn and/or your employees aren't able to teach it to ignore common false positives.
Similarly, without a network monitoring solution in place, you may be shelling out cash for incident response or more expensive firewalls when a quality monitoring solution would be more suited to your needs.
3. You need be immediately alerted to an intruder or malware on your network.
To achieve this, your network must be monitored 24/7/365 and all network activity must be logged to better detect and respond to attacks (SIEM).
(Related: Your team is not equipped to manage SIEM software.)
4. Your current cyber security solution isn't doing enough to safeguard your greatest vulnerability: your employees.
Employee education and training programs should graduate employees that know what to do — and what not to do — when they receive an email with a link or attachment. A simulated phishing program can provide practice and expanded point-of-weakness training.
5. You are unable to customize your current solution to your company.
Symptoms of a lack of customization include exposed endpoints (mobile devices or website service, for example) or over sized/inadequately sized log storage, to name a few.
6-9. You aren't sure who should have the final stamp of approval on your cyber security practices and policies. Plus:
- You desire more communication, clarity, and accountability from your team regarding cyber security matters.
- You want documented, company-wide cyber security policies informed by experienced professionals.
- You wish to develop a company-wide cyber security incident response plan.
If you identify with any of the above (#'s 6-9), you may benefit from the availability and expertise of a highly skilled cyber security consulting body.
10. You have (or suspect you may have) experienced an unaddressed breach in the past.
As you learn more about cyber crime and how it works, you may wonder if your company data has already been exposed. A compromise security assessment can help answer your question and help you stop any gaps that caused or could cause a breach.
11. You're aware you need to verify the security of your vendors but aren't sure how (other than taking their word for it).
Notable breaches caused by weak vendor security include Target (2013) and Netflix (2017). Vetting vendor security is vital, and for any company dealing with multiple supply chain vendors, managed security services with advanced threat detection are becoming the norm.
12. You've historically had trouble budgeting for, finding, and retaining high-quality IT staff.
Consider outsourcing cyber security so your business can have a dedicated team without the time and expense involved in recruiting.
You represent (or are a vendor for) an industry subject to state or federal compliance regulations and...
- You have not had a comprehensive evaluation of your security standing in the last 12-eighteen months.
- Your compliance task force has limited-to-no background in cyber security.
- You aren't sure if your current I.T. security professionals have a solid grasp of your specific compliance regulations.
Taking the Next Step
The first step is usually a cyber security risk assessment, which will give you insight into any potential vulnerabilities your company has and how to address them. Educating yourself about cyber security fundamentals and examining your options for outsourcing security services are also productive next steps.
Small to midsize businesses: Many private companies are examining an outsourced security monitoring solution as cap on their cyber security fundamentals. Because the quality of outsourced security monitoring can vary, rate each of your prospective companies based on experience, expertise, and capabilities.
Large companies and corporations: You may have dedicated cyber security resources, but recruiting is slated to remain a challenge for the next 2 to 4 years. A cyber security assessment and consultation can help you begin forming a game plan for your perfect outsourced and in-house balance.
Email us your questions, comments, and feedback, and a security advisor will get back to you within one business day.