In July 2017, it was revealed that millions of Australians’ personal data had been put at risk, when Guardian journalist Paul Farrell exposed a serious data breach by successfully purchasing his own Medicare details on the darknet. But governments are not the only ones at risk of such data breaches – according to an investigation by OWL Cybersecurity, every single Fortune 500 company has potentially compromising data available on the darknet.
Whether the result of a malicious insider purposefully leaking the information, or hackers taking advantage of workplace cybersecurity weaknesses, it is more vital than ever that organisations are vigilant about their cybersecurity practices.
To help, this blog post will cover 9 workplace cybersecurity measures to help prevent your company data from being sold on the darknet.
But first, a brief explanation.
What is the darknet?
The websites we browse every day – those visible and accessible via search engines – make up only a small percentage of the internet. This is what’s known as the surface web. Beyond the surface web there is the deep web, where sites require credentials to access them (e.g. banking sites or content behind a paywall), and then there is the darknet. One estimate suggests that 96% of online content exists in the deep web and the darknet.
The darknet is a collection of networks on the internet that are purposefully hidden; in other words, they can only be accessed using special tools and software, and not via any search engine. Because of the anonymity this provides users, the darknet facilitates the exchange of stolen and hacked data, providing a place for hackers to sell data they’ve obtained, while also providing a forum for insiders with access to corporate data to sell that access.
9 workplace cybersecurity measures to protect your company data from the darknet
1. Educate employees about security protocols on a regular basis
Social engineering and business email compromise (BEC), whereby cybercriminals manipulate employees into performing an action or divulging confidential information, remain among a hacker’s best weapons for infiltrating an organisation’s networks and gaining access to valuable data. According to research from Norton by Symantec, 45% of cybercrime victims in 2017 were compromised through phishing and fraudulent emails.
It’s important, therefore, that employees are educated regularly about cybersecurity best practices, including how to recognise suspicious emails, how to secure their BYOD devices, how to use social media safely and how to transmit data over networks securely.
Phishing, a highly prevalent social engineering technique, is an especially big threat – according to a 2017 study by Keeper Security and the Ponemon Institute, 79% of SMBs who said they had experienced a ransomware attack reported that the ransomware entered their system through a phishing or social engineering attack. Employing phishing simulators, such as PhishMe or Gophish, can be an excellent way to educate employees on how to recognise phishing emails, and can help you identify those employees who might require extra training on spotting them.
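The traits employees are taught to look for in a suspicious email can also be checked mechanically. The following is an added example, not code from the original post or from any of the products it names: it parses a message's headers and body and reports the classic warning signs (a display name that claims a different address than the real sender, a Reply-To pointing at a third domain, urgency language in the subject, and links to a raw IP address). The two messages, the internal domain and the word list are all constructed for the demo.

```python
"""Added example: header and body heuristics for spotting a phishing email.
All messages, domains and keyword lists here are constructed for the demo."""
import re
from email import message_from_string
from typing import List, Tuple

INTERNAL_DOMAIN = "example-corp.com"  # assumed company domain (constructed)
URGENCY_WORDS = ("urgent", "immediately", "expires", "locked", "verify now")
ADDR_RE = re.compile(r"[\w.+-]+@(?:[\w-]+\.)+[\w-]+")
RAW_IP_URL_RE = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}\S*")

# Constructed sample: display name impersonates the helpdesk, real sender is a lookalike domain.
PHISHING_MESSAGE = """\
From: "IT Helpdesk <helpdesk@example-corp.com>" <alerts@examp1e-corp.net>
Reply-To: recover@mail-verify.example
To: staff@example-corp.com
Subject: URGENT: your password expires today
Content-Type: text/plain

Your account will be locked. Verify now: http://192.0.2.10/login
"""

# Constructed sample: ordinary internal mail, should raise no indicators.
BENIGN_MESSAGE = """\
From: Dana Lee <dana.lee@example-corp.com>
To: staff@example-corp.com
Subject: Minutes from Tuesday's meeting
Content-Type: text/plain

Attached are the minutes. See https://intranet.example-corp.com/minutes
"""


def domain_of(address: str) -> str:
    return address.rpartition("@")[2].lower()


def phishing_indicators(raw_message: str) -> List[Tuple[str, str]]:
    """Return (indicator_code, detail) pairs found in the message; empty list if none."""
    msg = message_from_string(raw_message)
    findings: List[Tuple[str, str]] = []

    # 1. Addresses embedded in the From header: the last one is the real sender,
    #    any earlier one lives in the display name and is what the reader sees.
    from_addresses = ADDR_RE.findall(msg.get("From", ""))
    if from_addresses:
        real_sender = from_addresses[-1]
        claimed = {domain_of(a) for a in from_addresses[:-1]}
        if claimed and domain_of(real_sender) not in claimed:
            findings.append(("display_name_spoof",
                             f"display name claims {sorted(claimed)} but sender is {real_sender}"))

        # 2. Replies silently redirected to another domain.
        reply_to = ADDR_RE.findall(msg.get("Reply-To", ""))
        if reply_to and domain_of(reply_to[-1]) != domain_of(real_sender):
            findings.append(("reply_to_mismatch",
                             f"Reply-To {reply_to[-1]} differs from sender {real_sender}"))

    # 3. Pressure language in the subject line.
    subject = msg.get("Subject", "").lower()
    hits = [w for w in URGENCY_WORDS if w in subject]
    if hits:
        findings.append(("urgency", "subject uses: " + ", ".join(hits)))

    # 4. Links that bypass DNS entirely by pointing at a bare IP address.
    body = msg.get_payload() if not msg.is_multipart() else ""
    for url in RAW_IP_URL_RE.findall(body):
        findings.append(("raw_ip_link", url))

    return findings


def indicator_codes(raw_message: str) -> List[str]:
    return [code for code, _ in phishing_indicators(raw_message)]


if __name__ == "__main__":
    for code, detail in phishing_indicators(PHISHING_MESSAGE):
        print(f"{code:20s} {detail}")
```

Heuristics like these are what a mail gateway or awareness tool applies before a human ever sees the message; they are a teaching aid here, not a substitute for the training the post recommends, since a well-crafted lure can avoid every one of them.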
2. Enforce password policies and two-factor authentication
Passwords are the most common method of authentication, but they are also the most vulnerable and the most abused. Findings from the 2017 Norton Cyber Security Insights Report indicate that one-third of Australian consumers are not storing passwords securely and as many as 16 per cent of Australians are using the same password for all their accounts. The 2017 Verizon Data Breach report found that over 70 per cent of reported breaches were due to weak user credentials, including usernames and passwords. And while companies like Apple and Microsoft are making moves towards making passwords a relic of the past, until that happens it is up to organisations to ensure they are not a liability.
While educating employees about password best practices is important, the reality is that these are rarely followed – employees struggle to remember long, complex passwords with letters, numbers and symbols, and frequent forced password changes just lead to predictable patterns that hackers can easily guess.
Instead, a password manager, such as LastPass or Dashlane, which encrypts and stores passwords in a secured vault protected by a single master password, can make it much easier for employees to comply with password policies.
Enforcing two-factor authentication, whereby users have to enter a code after typing in their login details, can also add an extra layer of security, particularly when it comes to protecting information from being sold on the darknet, as any login details that have been criminally obtained are effectively useless without the code.
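To show what "enter a code after typing in their login details" means in practice, here is an added example (not code from the original post or from any product it mentions) of the time-based one-time password scheme that authenticator apps implement, RFC 6238 TOTP over RFC 4226 HOTP. The shared secret is the RFC 6238 test-vector secret so the output can be checked against the standard; the user name and the replay-tracking verifier are constructed for the demo. Beyond the single verification step the post describes, the example also rejects a code that has already been accepted, which is what makes a captured one-time code useless to whoever bought it.

```python
"""Added example: TOTP second factor (RFC 6238) with a small replay-resistant verifier.
The secret below is the RFC 6238 test-vector secret; user records are constructed."""
import base64
import hashlib
import hmac
import struct
from typing import Dict, Optional


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, at_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: the HOTP counter is the number of whole time steps since the Unix epoch."""
    return hotp(secret, int(at_time) // step, digits)


def match_totp(secret: bytes, submitted: str, at_time: int,
               window: int = 1, step: int = 30, digits: int = 6) -> Optional[int]:
    """Return the counter whose code matches the submitted one, or None.

    A window of +/-1 step tolerates clock drift between server and phone.
    Comparison is constant-time so the check leaks nothing about which digits matched.
    """
    if len(submitted) != digits or not (submitted.isascii() and submitted.isdigit()):
        return None
    base = int(at_time) // step
    for counter in range(base - window, base + window + 1):
        if hmac.compare_digest(hotp(secret, counter, digits), submitted):
            return counter
    return None


class SecondFactorVerifier:
    """Remembers the last accepted counter per user so a code can be used only once."""

    def __init__(self) -> None:
        self._last_counter: Dict[str, int] = {}

    def verify(self, user: str, secret: bytes, submitted: str, at_time: int) -> bool:
        counter = match_totp(secret, submitted, at_time)
        if counter is None or counter <= self._last_counter.get(user, -1):
            return False  # wrong code, or a code already spent (replay)
        self._last_counter[user] = counter
        return True


def provisioning_secret(secret: bytes) -> str:
    """Base32 form of the shared secret, which is what an authenticator app is given at enrolment."""
    return base64.b32encode(secret).decode("ascii").rstrip("=")


if __name__ == "__main__":
    RFC_SECRET = b"12345678901234567890"  # RFC 6238 Appendix B test secret
    print("enrolment secret:", provisioning_secret(RFC_SECRET))
    print("code at t=59:", totp(RFC_SECRET, 59))  # RFC 6238 test vector: 287082
    verifier = SecondFactorVerifier()
    print("first use accepted:", verifier.verify("alice", RFC_SECRET, "287082", 59))
    print("replay accepted:", verifier.verify("alice", RFC_SECRET, "287082", 59))
```

In a real deployment the per-user secret is generated randomly at enrolment and stored encrypted, and the last-accepted counter lives in the same user store rather than in process memory; the arithmetic, however, is exactly what is shown here.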
3. Consider alternative authentication methods
Biometrics can also play an important role when it comes to accurately and securely authenticating users and removing the burden of passwords.
For example, typing recognition, a type of behavioural biometric that uses artificial intelligence to identify the unique ways in which people type on a keyboard, can provide a seamless and continuous means of confirming a user’s identity, ensuring any unauthorised access to an employee’s account is automatically detected. Behavioural biometrics are also impervious to theft. TypingDNA is one company that offers such a service.
4. Have a stringent BYOD (Bring Your Own Device) policy
BYOD workplaces are particularly susceptible to data breaches, due to the lack of control your organisation has over security measures that employees use. Mobile devices are also particularly vulnerable – according to Symantec’s Internet Security Threat Report 2018, mobile malware increased by 54 per cent in 2017, as compared to 2016. That’s why it’s crucial to have a stringent and enforceable BYOD policy that includes security measures, such as ensuring screens are locked after a certain amount of time, or banning certain unsecured apps from being downloaded.
Technology can also help to ensure employee compliance with the policy. Mobile device management (MDM) software can restrict risky behaviour; configure devices to require a PIN to unlock; locate, lock and wipe lost devices; and keep personal and corporate data separate in the event the device does have to be wiped.
5. Use tech to monitor user behaviour and unusual activity
As tactics used by cybercriminals grow more sophisticated, so too must the tools we use to identify suspicious activity and protect our networks.
Many companies are taking advantage of machine learning and predictive analytics to uncover emerging cybersecurity threats much faster than previously possible. Australian startup ResponSight, for example, uses behavioural analytics to detect when something is out of the ordinary, allowing for proactive detection and isolation of any potential cybersecurity threats. It also allows for monitoring of your BYOD workforce, as it increases security outside the corporate network without negative impact on users.
6. Use role-based access control
Restricting employee access is a simple way to reduce the amount of data that is exposed in the event of a data breach, while also helping to protect against insiders acting maliciously by selling the data themselves.
Role-based access control (RBAC) ensures employees can only access those parts of the network that are directly connected to their role, and it also controls their level of access by limiting their ability to view, create or modify a file.
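The model the post describes, roles tied to areas of the network and to what a holder may view, create or modify, is small enough to write down. The following is an added example, not code from the original post: roles map a resource area to a set of permissions, users hold roles, and every request is denied unless some role grants it. The roles, users and areas are constructed; the `audit_privileged_users` helper goes one step past the post's description by listing who holds write rights in each area, which is the review an RBAC scheme needs to stay least-privilege.

```python
"""Added example: a minimal deny-by-default role-based access control check.
Roles, users and resource areas below are constructed for the demo."""
from enum import Flag, auto
from typing import Dict, List, Set


class Perm(Flag):
    VIEW = auto()
    CREATE = auto()
    MODIFY = auto()


# Role -> resource area -> permissions granted in that area. Anything not listed is denied.
ROLES: Dict[str, Dict[str, Perm]] = {
    "finance_analyst": {"finance": Perm.VIEW},
    "finance_manager": {"finance": Perm.VIEW | Perm.CREATE | Perm.MODIFY},
    "hr_officer": {"hr": Perm.VIEW | Perm.CREATE},
    "helpdesk": {"hr": Perm.VIEW, "finance": Perm.VIEW},
}

# User -> roles held. Access is never granted to a user directly, only via a role.
USERS: Dict[str, Set[str]] = {
    "alice": {"finance_analyst"},
    "bob": {"finance_manager", "hr_officer"},
    "carol": {"helpdesk"},
}


def permissions_for(user: str, area: str) -> Perm:
    """Union of what every role the user holds grants in the given area (empty if none)."""
    granted = Perm(0)
    for role in USERS.get(user, set()):
        granted |= ROLES.get(role, {}).get(area, Perm(0))
    return granted


def is_allowed(user: str, area: str, action: Perm) -> bool:
    """Deny by default: an unknown user, unknown area or unlisted action all return False."""
    return action in permissions_for(user, area)


def authorise(user: str, area: str, action: Perm, audit_log: List[str]) -> bool:
    """Enforcement point: records every decision so denied attempts are visible to reviewers."""
    decision = is_allowed(user, area, action)
    audit_log.append(f"{'ALLOW' if decision else 'DENY '} {user} {action.name} {area}")
    return decision


def audit_privileged_users(area: str) -> List[str]:
    """Who can change data in an area: the list a least-privilege review should keep short."""
    write = Perm.CREATE | Perm.MODIFY
    return sorted(u for u in USERS if permissions_for(u, area) & write)


if __name__ == "__main__":
    log: List[str] = []
    authorise("alice", "finance", Perm.VIEW, log)
    authorise("alice", "finance", Perm.MODIFY, log)
    authorise("carol", "hr", Perm.CREATE, log)
    print("\n".join(log))
    print("write access to finance:", audit_privileged_users("finance"))
```

Keeping the grant tables as data rather than scattering `if role == ...` checks through application code is what makes the scheme reviewable: the two dictionaries are the complete answer to "who can do what", and the audit log records every denied attempt, which is the signal an insider probing beyond their role leaves behind.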
7. Back up regularly and have a cyber incident response plan
The prevalence of ransomware, which is only expected to grow as cybercrime-as-a-service becomes a bigger trend, means organisations have to be extra vigilant about backing up their data regularly to an offline location, particularly since in many ransomware attacks it is impossible to break the encryption.
Having a formalised and highly specific workplace cybersecurity incident response plan can also go a long way towards ensuring your organisation is up and running in the shortest possible time.
8. Employ a darknet monitoring service
When news of the Medicare data breach broke, it was later revealed that the Australian government had been unaware of the breach for 9 months – and if not for the Guardian article, they may have remained unaware for much longer. This goes to show just how long such data breaches can go undetected.
Monitoring the darknet for any information leaks on a regular basis is one way to combat this. However, the very nature of the darknet means it is extremely difficult for any organisation to perform this type of monitoring themselves, as it requires lots of time and specialised knowledge.
9. Consider cyber insurance
Data breaches are extremely costly – according to a study by IBM Security and Ponemon Institute, the average total cost of a data breach in 2017 was $3.62 million. Research from Norton by Symantec revealed that 79% of businesses have never had a cyber insurance policy in place; however, such a policy can help to mitigate these costs and help businesses recover quickly from attacks.
While employee education remains an important facet of workplace cybersecurity, technology is a crucial means of filling gaps, ensuring compliance, and staying ahead of sophisticated attacks. Be sure to employ every resource at your disposal when it comes to securing that all-important resource – your company data.
Want the most up-to-date information about cybersecurity and how to protect your company data? Read more about the CeBIT Cybersecurity conference and register your attendance today!