Developing cybersecurity best practices
Businesses are investing in modern information systems to simplify processes and improve the efficiency of their operations. Alongside that investment come threats and risks. Those risks can be described either as internal threats originating within the organization or as external threats directed against it.
Organizations are exposed to the following internal cybersecurity threats:
- Intentional threats: This insider threat results from the actions of unscrupulous individuals who deliberately misuse confidential information, or the access they have been given, to conduct malicious activities to the detriment of the organization. This is, however, different from whistleblowing about wrongful conduct within the organization.
- Unintentional threats: Employees who expose the organization to cyber threats through negligence or carelessness in the line of duty, for example by opening a phishing attachment or mis-sending a client file.
- Third-party threats: Third parties or independent contractors (consultants) are usually service providers to an organization. They are not employees, but they hold some level of access to the organization's systems and data through a contractual relationship, and that access carries the same risks as an employee's if it is not scoped and reviewed.
External cyber-attacks originate from various sources, including phishing (fraudulent emails that imitate a trusted sender), social engineering (psychological manipulation of people, often through SMS text messages or phone calls in which the attacker impersonates a colleague, bank or vendor), and malware (malicious software meant to harm a device or network, delivered through email attachments, fraudulent links, adverts or harmful websites).
These threats are designed to deceive targets into sharing sensitive information or running the attacker's code. Attackers may also deploy ransomware, which encrypts the organization's data, and threaten to publish data stolen in a breach, pressuring the organization to pay a ransom to get its information back or to stop the private data from being distributed.
Denial of Service (DoS) attacks are another type of cybersecurity threat that can harm organizations and their clients. Attackers target a system, device or network and flood it with more traffic or requests than it can handle, until it can no longer respond to legitimate users or crashes outright; when the traffic comes from many sources at once the attack is called a distributed denial of service (DDoS). Such attacks do not usually steal data, but they make websites, email and online account access on the affected systems unavailable for as long as they last.
Global Perspectives
Market and Markets, in its recent global cybersecurity industry report, offers a wealth of information about the cyber landscape:
- AI-generated deepfakes pose grave risks such as misinformation, privacy breaches and fraud, necessitating a collective effort in technology, regulation, education and collaboration to minimize their impact.
- Increasingly, cybercriminals favour data extortion over encryption-based ransomware: they steal sensitive information and demand payment not to publish it, exploiting the fear of data exposure and reputational damage.
- Increased reliance on third-party services in cloud environments elevates data breach risks, requiring rigorous assessment of third-party security and robust controls to protect sensitive data in cloud systems.
- The emergence of Generative AI (GenAI) in cybersecurity signifies the integration of advanced AI technologies into security operations, enhancing threat detection, response capabilities and proactive defence against evolving cyber threats.
Following from these findings, the report offers insights for 2024 and beyond:
- The need to transition from passwords to passwordless authentication, using biometrics, hardware security keys and passkeys (FIDO2/WebAuthn) for sign-in that is both more user-friendly and far harder to phish than a password.
- A call for new regulations and laws to foster trust in Generative AI for cybersecurity, focusing on accountability and reliability in the use of AI-generated content.
- Chief Information Security Officers (CISOs) need to spearhead the drive towards cyber resilience, emphasizing proactive strategies, robust defences and swift response plans to counter evolving cyber threats.
- Governments worldwide must formulate regulatory plans to address the challenges posed by deepfakes, establishing guidelines and laws that mitigate their potential harm to society, privacy and the authenticity of information.
Investing in Cybersecurity
The fight against cyber threats requires a holistic data security strategy that ensures an organization's internal and external measures are sufficient. A solid starting point for that strategy is a comprehensive cybersecurity policy.
Developing a Cybersecurity Policy
To combat internal threats, the policy should cover employee training, role-based access control, incident response plans and cybersecurity insurance. On employee training, it must be noted that employees can be either part of the defence against cybercrime or, through carelessness, unwitting accomplices in it.
A strategy for employee training must therefore include cybersecurity awareness programmes that empower employees to follow proper procedures for handling sensitive client data, to recognize phishing emails and to create strong, unique passwords for each system.
To restrict access to sensitive data, organizations need to implement role-based access control, granting each employee only the permissions their role or function requires. These permissions must be reviewed regularly and revoked or adjusted when employees change roles or leave, because rights that accumulate across role changes are a common route to a breach; employees must also never share their access with colleagues. Multi-factor authentication should be enforced for every login, preferably with a hardware security key or an authenticator app on the employee's dedicated phone, with a fingerprint or face check on that device serving as one of the factors. A code sent by SMS is better than no second factor, but it can be intercepted, for example through SIM swapping, and should be treated as the weakest option.
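As an added illustration, not code from this article, the Go program below models the two access controls just described: a role catalogue from which an account's permissions are derived, and a periodic access review that flags permissions an account still holds after a role change. It deliberately includes the common mistake (treating a role change as "add the new role" while old grants linger) beside the correct reassignment. The roles, permission names and the employee are constructed for the example.

```go
package main

import (
	"fmt"
	"sort"
)

// Permission names one action on one class of data, e.g. "ledger:write".
type Permission string

// Role is a job function; every account gets its permissions from its role, not ad hoc.
type Role string

// Hypothetical role catalogue for a small firm, constructed for this example.
// Each role lists only what that function needs (least privilege).
var rolePermissions = map[Role][]Permission{
	"auditor":    {"ledger:read", "client-files:read"},
	"accountant": {"ledger:read", "ledger:write", "client-files:read"},
	"hr":         {"payroll:read", "payroll:write"},
}

// Employee records the current role and the grants actually attached to the account.
// The two can drift apart; ReviewAccess is what finds that drift.
type Employee struct {
	Name   string
	Role   Role
	Grants map[Permission]bool
}

// NewEmployee creates an account whose grants are derived from the role alone.
func NewEmployee(name string, r Role) *Employee {
	e := &Employee{Name: name}
	ReassignRole(e, r)
	return e
}

// Authorize is the single check the application should make before touching data.
func Authorize(e *Employee, p Permission) bool {
	return e.Grants[p]
}

// GrantRole models the common mistake: a role change is treated as "add the new
// role's permissions" while the old role's grants are left in place.
func GrantRole(e *Employee, r Role) {
	e.Role = r
	for _, p := range rolePermissions[r] {
		e.Grants[p] = true
	}
}

// ReassignRole is the correct operation: rebuild the grants from the new role only,
// so nothing from the previous role survives the move.
func ReassignRole(e *Employee, r Role) {
	e.Role = r
	e.Grants = make(map[Permission]bool)
	for _, p := range rolePermissions[r] {
		e.Grants[p] = true
	}
}

// ReviewAccess returns the grants an account holds that its current role does not
// justify. Run periodically, a non-empty result is exactly the drift the policy
// says a regular review must catch.
func ReviewAccess(e *Employee) []Permission {
	allowed := make(map[Permission]bool)
	for _, p := range rolePermissions[e.Role] {
		allowed[p] = true
	}
	var excess []Permission
	for p := range e.Grants {
		if !allowed[p] {
			excess = append(excess, p)
		}
	}
	sort.Slice(excess, func(i, j int) bool { return excess[i] < excess[j] })
	return excess
}

func main() {
	// Constructed scenario: Ama starts as an accountant and is later moved to audit.
	ama := NewEmployee("Ama", "accountant")
	fmt.Println("accountant may write ledger:", Authorize(ama, "ledger:write"))

	GrantRole(ama, "auditor") // sloppy move: the old role's grants linger
	fmt.Println("after sloppy move, excess grants:", ReviewAccess(ama))

	ReassignRole(ama, "auditor") // what the review finding should trigger
	fmt.Println("after reassignment, may write ledger:", Authorize(ama, "ledger:write"))
	fmt.Println("after reassignment, excess grants:", ReviewAccess(ama))
}
```

The point of the review function is that it compares what the account can actually do against what its current role says it should be able to do; in a real system the "grants" side would be read from the directory or application database, and the review would be run on a schedule rather than by hand.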
A cybersecurity policy must also specify how sensitive data is encrypted, both at rest (on servers, backups and laptops) and in transit (over the network, for example with TLS). Encryption does not by itself decide who is authorized; that is the job of access control. What it ensures is that if an attacker intercepts or steals the data without the key, they cannot read it. Two practical points follow: use authenticated encryption, so that tampering with stored or transmitted data is detected rather than silently decrypted, and keep encryption keys separate from the data they protect, since a key stored beside the ciphertext protects nothing.
Emerging Trends
Newer approaches to combating cyber threats include the use of artificial intelligence (AI), machine learning (ML) and blockchain. AI and ML, for instance, help identify suspicious intrusions and patterns in data that may indicate an attack, such as logins at unusual hours or unusually large data transfers, so that defenders can act before damage is done.
Blockchain provides a decentralized, tamper-evident ledger: once a record is written, it cannot be altered without the change being detectable. This can help preserve the integrity of financial records and audit trails. It does not, on its own, keep data confidential or prevent a breach of the systems that write to it, so sensitive data should still be encrypted and access-controlled rather than placed on a ledger in the clear.
Software Upgrades
Outdated software contains known vulnerabilities that cybercriminals can exploit to access the sensitive data of organizations and their clients. To prevent this, an organization must be proactive in ensuring that all software, including operating systems, applications and firmware, is kept up to date with current versions obtained from the vendor or another verified source, and that patches are applied promptly, with fixes for actively exploited vulnerabilities given priority. This process should also include regular vulnerability assessments to identify and fix security weaknesses and bugs in the systems.
Incident Response Plan
Organizations should formulate incident response plans as part of their cybersecurity strategy, because breaches can still occur despite the measures in place to prevent attacks.
A detailed incident response plan must state clearly the steps to be taken in the event of a serious incident, including procedures for identifying and containing a breach, preserving evidence, assessing the damage, notifying affected parties (and regulators, where the law requires it) and recovering from the incident.
By having a well-defined incident response plan in place, and rehearsing it before it is needed, organizations can minimize the adverse impact of cyber-attacks and quickly restore business operations.
To conclude, it is worthwhile for organizations to invest in emerging technologies as part of a holistic strategy to manage cybersecurity risk, thereby sustaining business operations and delivering value to their shareholders.
BERNARD BEMPONG
Bernard is a Chartered Accountant with over 14 years of professional and industry experience in the financial services sector and management consultancy. He is the Managing Partner of J.S Morlu (Ghana), an international consulting firm providing accounting, tax, auditing, IT solutions and business advisory services to both private businesses and government.
Our Office is located at Lagos Avenue, East Legon, Accra.
Contact: +233 302 528 977
+233 244 566 092
Website: www.jsmorlu.com.gh