Fortinet advises organizations to adopt a layered approach to ‘Make The Internet Safer’
Fortinet, a global leader in broad, integrated and automated cyber security solutions, today reminded how important it has become to MakeThe Internet Safer as our society relies more than ever on the availability of digital infrastructure.On Safer Internet Day Fortinet is uniquely positioned to help by extending their ability to educate customers, partners, students, users and global audience at all levels of experience with tips that will go a long way in making our digital world safer and secure.
While cybercrime continues to escalate, many of today’s most damaging security threats are not the result of the traditional perception of malicious outsiders breaching a network to deliver malware. The real risk which a growing number of organizations are concerned about are security risks resulting from users who have access to sensitive data and systems.
Concerns about insider threats isn’t just a fire drill. Over two-thirds of organizations believe that insider attacks have become more prevalent over the past year, with nearly half of companies reporting having experienced between one and five critical cyber incidents caused by an insider in the past twelve months. The reasons mainly are a lack of employee awareness and training.
Organizations should implement a layered approach to security across people, processes, and technologyto future-proof and manage these risks: Train People – The vast majority of attacks still happen because someone clicks on a malicious link. Employees need to be continually educated on creating strong passwords, how to identify malicious URLs and email sources, and to not open or click on unfamiliar or unexpected email messages, links, or attachments. This should then be augmented with access management policies, including a zero trust policy, and intent-based segmentation so in the event of an incident, an attack is limited to a specific segment of the network. Implement Processes – Incident response plans need to include regular backups that are stored off-network, regular testing of those backups, and system restoration drills to ensure everyone knows their role so systems can be restored as quickly as possible. IT teams must always know what assets are online, where those assets are, and then be able to prioritize their access to and consumption of resources based on which are most business-critical. Deploy Technology – Security tools need to be chosen based on their ability to be integrated together and cross-automated so they can gather, share, correlate, and consume threat intelligence across the entire distributed network in real time. There is no magic pill to make the Internet Safer. It requires constant user education and awareness creation. Campaigns can be focused specifically on a training initiative such as cybersecurity awareness, or could be larger campaigns that are well aligned with your learning objectives. They can be internal campaigns or external campaigns that typically provide a significant number of resources and support. An industry awareness like Safer Internet Day can be a great vehicle to launch or expand a cybersecurity awareness campaign.