Intelligent CXO Issue 25 | Page 72

Jon Fielding, Managing Director, Apricorn
and tools will be better understood by those who are often responsible for them.
With that said, employee awareness isn’t a silver bullet. Individuals will still be prone to slip-ups when faced with a particularly convincing phishing campaign, for example.
Therefore, firms should supplement educational efforts with comprehensive policies specifically designed to manage employee responsibility and strengthen the overall security posture.
This should begin with embracing the principle of least privilege. A central pillar of Zero Trust, it ensures that users have access only to the software, systems and applications they genuinely need to do their jobs, rather than to the entire corporate network. Not only does this limit the damage that a successful attack or an insider can inflict, because a compromised account reaches only what that user could reach, but it can also improve productivity by narrowing the set of assets each user has to navigate.
This approach should then be paired with effective management of the devices used to access corporate networks. Unmanaged devices are the root cause of several security problems: they limit visibility and expand an organisation’s attack surface, making user endpoints far easier for cybercriminals to exploit. Ensuring that only IT-approved, managed devices can access the network goes a long way towards mitigating these threats.
Firms should also mandate procedures that require the encryption of all business data across devices as standard. With many employees now working wherever and however they like, the need to secure data on the move has never been greater. Hardware encryption offers greater security than software encryption because the key never has to exist on a potentially compromised host, and PIN-pad-authenticated, hardware-encrypted USB storage devices offer additional, significant benefits. Being software-free eliminates the risk of keylogging and screen capture, since the PIN is entered on the device rather than typed into the host, and removes operating-system-specific usage restrictions. Because all authentication and encryption take place within the device itself, critical security parameters such as the PIN and the encryption keys are never shared with the host computer.
Encryption can be rolled out across the organisation easily by deploying hardware-encrypted removable storage devices, so that all data can be stored and moved safely and offline. Even if a device is lost or stolen, the information on it is unintelligible to anyone not authorised to access it, and organisations can be confident that company secrets and sensitive data will not be revealed.
And finally, a sound backup strategy should be adopted to ensure that data can always be recovered. According to IBM, the average cost of a ransomware attack in 2022, not including the ransom itself, was US$4.54 million. The 3-2-1 rule should form the basis of any backup process: keep at least three copies of your data, on at least two different media, with at least one copy stored off-site. Maintaining physical backups even if you use cloud storage is essential in case your cloud provider experiences downtime or suffers a breach. A sound backup plan that combines offline backups with a centralised cloud backup mitigates the worst of these costs through fast and reliable recovery, and a backup that has never been test-restored should not be counted as a copy at all.
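The 3-2-1 rule above, as an added example that is not part of the original article: a short Python check that runs over a constructed backup inventory and reports where the set falls short. It goes one step beyond the rule as stated by also requiring at least one offline copy (the article's point about physical backups alongside cloud storage) and by verifying that each copy actually restores to the source bytes, since a copy that cannot be restored is not a backup. The BackupCopy structure, the copy labels and the media names are assumptions made for the illustration; in-memory byte strings stand in for disk, cloud and tape so the whole thing runs offline.

```python
"""Backup inventory check: 3-2-1 coverage plus restore-integrity verification.

Constructed example: the "media" here are in-memory byte strings, not real
disks, tapes or object stores, so it runs offline and deterministically.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class BackupCopy:
    label: str      # hypothetical name for the copy, e.g. "nas-01"
    medium: str     # storage medium: "disk", "tape", "cloud-object", ...
    off_site: bool  # physically outside the primary site
    offline: bool   # not reachable from the production network at rest
    payload: bytes  # what a restore from this copy would actually return


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_321(source: bytes, copies: list[BackupCopy]) -> list[str]:
    """Return a list of findings; an empty list means the backup set passes.

    Checks the 3-2-1 rule (>=3 copies, >=2 media, >=1 off-site), the
    additional requirement of at least one offline copy alongside cloud
    storage, and that each copy restores to the exact bytes of the source.
    """
    findings: list[str] = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} copies; 3-2-1 requires at least 3")
    media = {c.medium for c in copies}
    if len(media) < 2:
        findings.append(
            f"only one medium in use ({', '.join(sorted(media)) or 'none'}); need at least 2"
        )
    if not any(c.off_site for c in copies):
        findings.append("no off-site copy")
    if not any(c.offline for c in copies):
        findings.append("no offline copy; every copy is reachable from the production network")
    # Restore check: compare the digest of what each copy would give back
    # against the digest of the live data it is supposed to protect.
    expected = sha256_hex(source)
    for c in copies:
        actual = sha256_hex(c.payload)
        if actual != expected:
            findings.append(
                f"{c.label}: restore digest {actual[:12]}... does not match source {expected[:12]}..."
            )
    return findings


# Constructed sample data standing in for a production dataset.
SOURCE = b"customer-ledger-2024q3\n" * 64

# Disk on site, object storage off site, and an off-site tape that is offline.
GOOD_SET = [
    BackupCopy("nas-01", "disk", off_site=False, offline=False, payload=SOURCE),
    BackupCopy("cloud-bucket", "cloud-object", off_site=True, offline=False, payload=SOURCE),
    BackupCopy("tape-week-37", "tape", off_site=True, offline=True, payload=SOURCE),
]

# Same inventory, but the tape copy silently lost its last block (a failed
# write, media rot, or ransomware that reached the backup).
CORRUPT_SET = [
    GOOD_SET[0],
    GOOD_SET[1],
    BackupCopy("tape-week-37", "tape", off_site=True, offline=True, payload=SOURCE[:-512]),
]

# Three snapshots on the same online NAS satisfy "three copies" and nothing else.
WEAK_SET = [
    BackupCopy(f"nas-01-snap{i}", "disk", off_site=False, offline=False, payload=SOURCE)
    for i in range(3)
]

if __name__ == "__main__":
    for name, backup_set in [("good", GOOD_SET), ("corrupt", CORRUPT_SET), ("weak", WEAK_SET)]:
        print(name, check_321(SOURCE, backup_set) or ["ok"])
```

The weak set is the case the rule is meant to catch: three copies exist, but they share one medium, one site and one network, so a single ransomware incident or a single failed controller takes out all of them. In a real deployment the payload comparison would be a scheduled test restore into a scratch location followed by a manifest digest comparison, not an in-memory byte string.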
By embracing simple policies such as these, organisations can rein in staff responsibilities and make sure that adverse outcomes stemming from operational changes, such as the implementation of a shorter working week, are far less likely to lead to potentially catastrophic cyber incidents.
Not only will staff members be less likely to put information at risk, but if they do, threat actors will have a harder time taking advantage, and organisations will be better prepared to respond and recover.
72 www.intelligentcxo.com