How can you mitigate your cyber risk without installing any new tool? This article will provide some guidance by helping you to curate your internet exposed infrastructure.
Should I really be worried about cyber attacks?
According to a recent and representative survey conducted under the auspices of the Flemish government, one out of eight (11,8%) companies was the victim of a cyber incident in 2021. Of these impacted companies, 42% had their infrastructure crippled for some period. The frequency and impact of cyber incidents cannot be underestimated anymore.
How do criminals get into my network?
Even though most of these incidents are still initiated by spear-phishing emails, a significant and increasing number of cyber-attacks are performed directly on internet-exposed infrastructure.
Adversaries can exploit unpatched servers or gain access through weak or stolen credentials as a first step. From there on, they escalate privileges and move laterally inside the organization's network until they reach critical assets like the domain controller, the backup server, or the software distribution infrastructure. From initial access to clamping down an infrastructure can take less than a day for cybercriminals.
Five practical steps to mitigate the risk from your internet-exposed assets
Any organization should:
- Gain and maintain complete visibility on their internet-exposed infrastructure;
- Limit exposure by moving infrastructure behind perimeter protection where possible – not all infrastructure needs direct access to the internet;
- Patch internet-exposed infrastructure with a tight schedule, if possible within a day after the release of software updates;
- Enforce Multi-Factor Authentication on all internet-exposed infrastructure (and not only there one should say);
- Continuously monitor for compromises, vulnerabilities, and misconfigurations.
Sounds like that is easier said than done? Fortunately, solutions to help you implement these security practices are now becoming available. One of such solutions is Arctic Security's Early Warning System. It requires no on-premise installation and is available as a one-month free trial.
Did this article raise thoughts? You can reach Freddy Dezeure at @FDezeure on Twitter, and find more of his writings on his website at https://www.freddydezeure.eu/