Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, today reminded how important it has become to make the Internet Safer as our society relies more than ever on the availability of digital infrastructure. On Safer Internet Day Fortinet is uniquely positioned to help by extending their ability to educate customers, partners, students, users and global audience at all levels of experience with tips that will go a long way in making our digital world safer and secure.
While cybercrime continues to escalate, many of today’s most damaging security threats are not the result of the traditional perception of malicious outsiders breaching a network to deliver malware. The real risk which a growing number of organisations are concerned about are security risks resulting from users who have access to sensitive data and systems.
Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet says, “Cybersecurity remains a primary concern for all organisations, and cybersecurity awareness needs to be part of any successful strategy to keep networks and data safe. Safer Internet Day is a global initiative to build an industry awareness campaign that can change the overall user culture of an organisation by creating a Cyber-Aware Workforce. Anyone and everyone can play a role to spread the message of Safer Internet Practices to make the cyber world a safer and better place for all.”
Concerns about insider threats aren’t just a fire drill. Over two-thirds of organisations believe that insider attacks have become more prevalent over the past year, with nearly half of companies reporting having experienced between one and five critical cyber incidents caused by an insider in the past twelve months. The reasons mainly are a lack of employee awareness and training.
Organisations should implement a layered approach to security across people, processes, and technology to future-proof and manage these risks:
Train People – The vast majority of attacks still, happen because someone clicks on a malicious link. Employees need to be continually educated on creating strong passwords, how to identify malicious URLs and email sources, and to not open or click on unfamiliar or unexpected email messages, links, or attachments. This should then be augmented with access management policies, including a zero-trust policy, and intent-based segmentation so in the event of an incident, an attack is limited to a specific segment of the network.
Implement Processes – Incident response plans need to include regular backups that are stored off-network, regular testing of those backups, and system restoration drills to ensure everyone knows their role so systems can be restored as quickly as possible.
IT teams must always know what assets are online, where those assets are, and then be able to prioritise their access to and consumption of resources based on which are most business-critical.
Deploy Technology – Security tools need to be chosen based on their ability to be integrated together and cross-automated so they can gather, share, correlate, and consume threat intelligence across the entire distributed network in real-time.
There is no magic pill to make the Internet Safer. It requires constant user education and awareness creation. Campaigns can be focused specifically on a training initiative such as cybersecurity awareness, or could be larger campaigns that are well aligned with your learning objectives. They can be internal campaigns or external campaigns that typically provide a significant number of resources and support. An industry awareness like Safer Internet Day can be a great vehicle to launch or expand a cybersecurity awareness campaign.