Part two of a three-part series on system access assessments
You probably hear all the time about the increasing sophistication of cyber attackers. But did you know that a whopping 85 percent of attacks are preventable? That’s what the United States Computer Emergency Readiness Team estimated in a 2015 report.
The truth is that most cyber dangers are less about their sophistication and more about our neglect. When we neglect the simple things, we invite trouble into our organizations.
For example, take a look at your physical environment. You may be walking past a computer or other hardware device every day that is sitting around unused. While it seems harmless, a computer becomes a huge cyber risk when it’s connected to your network but hasn’t been touched in a while.
That’s because a neglected computer is the perfect accomplice for an attack. If a malicious program is installed on it either externally or internally, the overlooked device allows an attack to go completely unnoticed.
When this happens, your computer is no longer yours. Sure, it’s still in your office environment, but it’s actually being controlled by an attacker as a bot. It’s now capable of running an automated attack on your network at many times the speed of any human. You’ve just welcomed an enemy into your office and invited him to stay.
When it comes to cybersecurity, we can’t afford to neglect our office environments. Here are a few things you can do to prevent one of your computers from becoming a bot.
A credentials access assessment by a credible cybersecurity firm will discover the hardware and employee credentials that are posing a risk to your organization.
A remediation plan will identify the computers that need to be immediately shut down or taken off your network. You’ll also guided in applying the “principle of least privilege” moving forward.
Continuous monitoring is necessary in keeping regular tabs on your hardware and network in a dynamic cyber environment.
It’s important to recognize that neglecting the office environment exposes your organization to cyber attacks. Minimize the risks by controlling your computers – before they control you.
Umesh Verma is the award-winning CEO and driving force behind Blue Lance, the global provider of cybersecurity governance solutions. For more than 25 years, Blue Lance’s automated software solutions have been protecting digitally managed corporate assets by assessing, remediating, and monitoring security of information systems. Call Blue Lance at 1-800-856-2586 for your 25-point Access Rights Assessment, or get social with us on LinkedIn, Facebook, or Twitter.
 United States Computer Readiness Emergency Team, “Alert TA15-119A: Top 30 Targeted High Risk Vulnerabilities,” https://www.us-cert.gov/ncas/alerts/TA15-119A?hootPostID=b6821137ae5173095390bd502ae04892, accessed March 10, 2017.