The Week in Breach – Why Layered Security Is Like Airport Travel

Make sure to add us or contact us for the latest news

Real-Time Service Alerts





Think Beyond Basic Backups to Tackle Ransomware

Although ransomware has long been a serious concern for business owners all over the world, the COVID-19 pandemic has created new opportunities for this threat to flourish, and the attack vector is likely to become even more dangerous in the coming years.

According to a report, 304 million ransomware attacks occurred globally in 2020, with ransomware affecting over 65% of global businesses.1 Experts suggest that this is only the tip of the iceberg. Unfortunately, even though SMBs continue to be disproportionately affected by these nefarious attacks, reporting and notifications rarely make the news.

When it comes to cybersecurity and ransomware, the biggest mistake SMBs make is assuming hackers only target large enterprises. This is why many SMBs still rely on simple backups and don’t have a solid strategy in place.

The truth is that hackers are counting on smaller businesses to have fewer security measures in place, making it easier for them to get into your systems. While it’s good to have data backup, it’s high time you take its security a step further.

The 3-2-1 Backup Strategy for Your Business

This is an industry best practice for reducing the risk of losing data in the event of a breach. The 3-2-1 strategy involves having at least three copies of your data, two on-site but on different mediums/devices, and one off-site. Let’s examine each of the three elements and the issues they address:

  • THREE COPIES OF YOUR DATA

Having at least two additional copies of your data, in addition to your original data, is ideal. This ensures that, in the event of a disaster, you will always have additional copies. The first backup copy of data is usually kept in the same physical location as the original, if not the same physical server.

  • TWO DIFFERENT MEDIUMS

Storing additional copies of your valuable data on the same server/location won’t be helpful in the event of a breach. Keep two copies of your data on different types of storage mediums such as internal hard drives, and removable storage like an external hard drive or a USB drive. If this isn’t practical for your business, keep copies on two internal hard disks in separate storage locations.

  • ONE OFF-SITE COPY

Keep one copy of your data off-site, far from the rest. This helps safeguard against worst-case scenarios.

 In addition to the 3-2-1 backup strategy, consider applying the concept of layered security to keep your data and backup copies secure.

Importance of Layered Security in Cyber Defense

Most SMBs have an antivirus or firewall installed, but this is usually insufficient to combat today’s sophisticated threat landscape, necessitating the application of a layered security approach.

Because no security technology or measure is flawless or guaranteed, layered security assumes that attackers will infiltrate different layers of an organization’s defenses or have already done so. The goal of this approach is to provide multiple security measures so that if an attack gets past one security tool, there are others in place to help identify and stop the attack before your data is stolen.

The THREE ELEMENTS of layered security are:

  • Prevention

Security policies, controls and processes should all be devised and implemented during the PREVENTION phase.

  • Detection

The goal of DETECTION is to discover and notify a compromise as soon as possible.

  • Response

A quick RESPONSE is crucial for the detection phase to be meaningful.

Layered security is divided into seven layers by security experts. Hackers seeking to get into a system must break through each layer to gain access. If you want to keep cybercriminals out of your systems, concentrate on improving these seven layers:

  1. Information security policies

Implement security policies that restrict unauthorized access because the security and well-being of IT resources are dependent on them. This will help you raise information security awareness inside your organization and demonstrate to your clientele that you’re serious about securing their data.

  1. Physical security

Physical security measures, such as fences and cameras, are critical to prevent unwanted intruders from breaking in. It also helps monitor employees with access to sensitive systems.

  1. Network security

All it takes is for hackers to exploit a single vulnerability to get access to a company’s network. They can easily break into computers and servers after they’ve gained access to your network. Therefore, establishing effective network security measures is essential.

  1. Vulnerability scanning

Vulnerabilities that occur because of factors such as inadequate patch management and misconfigurations open the door for cybercriminals. However, vulnerability scans help detect these missed patches and improper configurations.

  1. Strong identity and access management (IAM)

Because of technological advancements, acquiring passwords and hacking into networks is easier than ever. IAM restricts access to critical data and applications to certain workers, making unauthorized access hard.

  1. Proactive protection and reactive backup + recovery

Proactive protection detects and fixes security risks before they lead to a full-blown breach. The goal of reactive backup and recovery is to recover quickly after an attack.

  1. Continual monitoring and testing

Failure to regularly monitor and test your backup and disaster recovery strategy is a major oversight and can result in a breach.

While it’s your responsibility to make sure your business doesn’t get sucked into the quicksand of data loss, it’s easy to become overwhelmed if you’re attempting to figure out everything on your own. Working with a specialist like us provides you with the advantage of having an expert on your side. We’ll make sure your backup and security postures are capable of tackling threats. Reach out today to schedule a consultation.

We also invite you to watch our free webinar, “Why Layered Security Is Like Airport Travel,” to understand more about layered security. Click here to watch!

Source:
1. Statista

Dark Web ID’s Top Threats This Week


Olympus Corporation of the Americas

https://www.bleepingcomputer.com/news/security/olympus-us-systems-hit-by-cyberattack-over-the-weekend/

Exploit: Ransomware

Olympus Corporation of the Americas: Medical Technology Manufacturer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.122 = Severe

Olympus was forced to take down IT systems in the U.S., Canada, and Latin America following a cyberattack that hit its network Sunday. The medical equipment manufacturer says that it does not believe that any data was stolen. Olympus also said that the incident was contained to the Americas with no known impact to other regions. Just last month, Olympus suffered another ransomware attack on its EMEA region systems.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Many ransomware gangs aren’t bothering to steal data anymore, opting to lock down networks and production lines to force a speedy ransom payment.

IntegraMSp to the Rescue: 50% of ransomware attacks in 2020 were against SMBs. Learn more about how ransomware is evolving and how to protect your clients in Ransomware ExposedGET THIS EBOOK>> 


Premier Patient Healthcare

https://www.govinfosecurity.com/former-executive-accessed-phi-nearly-38000-individuals-a-17724

Exploit: Malicious Insider

Premier Patient Healthcare: Medical Clinic Chain

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.712=Severe

Texas-based accountable care organization Premier Patient Healthcare filed a statement this week detailing a malicious insider incident that caused the exposure of PII for over 37,000 patients from around the country. According to the report, a terminated executive had retained credentials that enabled them to access and obtain an unspecified amount of PHI. No further details were included and a HIPAA filing has not yet appeared. When the breach first came to light, the company’s early statements pointed to a fault at a vendor, which turned out to not be the case.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.712=Severe

The patient records that were accessed included name, age, sex, race, county and state of residence, and zip code, as well as Medicare beneficiary information, such as Medicare eligibility period, spend information, and hierarchical condition category risk score for an unspecified number of patients.

Customers Impacted: 8.5 million

How It Could Affect Your Business This incident isn’t just a double helping of embarrassment for Premier Patient Healthcare, it’s also going to be a financial nightmare after regulators get finished with them.

IntegraMSP to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.