Plain English cybersecurity advice in 3 articles, 2 statistics and 1 action.

This week: The vast majority of large firms suffer because of cyber breaches in their supply chain, and yet the majority do not know what to ask their suppliers about cybersecurity. How Google and Microsoft are helping us all to be more cyber secure. And how 55 billion attacks are pointless because of one security measure.

This week’s action: Keep privileged accounts for special occasions

>>>>> THREE ARTICLES <<<<<

1: 97% of large firms have been impacted by cyber security breaches in their supply chain

“Cyber security breaches that occurred in the supply chain have negatively impacted 97% of firms in the past 12 months”, according to a survey of 1,200 CIOs and CISOs working in organisations with more than 1,000 employees.

How could these executives allow their firms to be impacted by their suppliers?

It’s inevitable when “the number of organizations [with] a supply chain of over 1,000 companies more than doubled from 14% in 2020 to 31% in 2021”.

Read more: https://www.itpro.co.uk/business-operations/supply-chain-management-scm/361208/supply-chain-cyber-security-breach-impacted via ISACA SmartBrief.

2: Executives expect software vendors to secure their code, but they are not asking them to prove it

In a survey of 193 IT executives, 96% believed “software providers should be required to guarantee the integrity of the code in their software updates”.

This consensus is strengthened by recent global cyber attacks that succeeded when cybercriminals infected the code of software used by large numbers of businesses. Why attack one business at a time when you can attack one software provider that could open the door to thousands of businesses?

Despite this consensus, “the survey results show that [organisations] are not taking action that will drive change” and that “69% of executives say their company has not increased the number of questions they are asking software providers about the processes used to assure the security of their software and verify code.”

The article goes on to describe 15 controls that Venafi and other industry partners regard as critical security measures for software developers, and critical questions that businesses relying on these providers should ask.

Read more: https://www.venafi.com/blog/venafi-survey-how-concerned-are-executives-about-protecting-security-software-build via https://securethevillage.org/news

3: Microsoft reminds us of the simple things we can do to prevent the majority of attacks

“We can’t afford to treat technology and cyber risk as something separate [..] that IT and security teams are left to manage on their own [..] Pleasingly, achieving sufficient cyber hygiene to rebuff the overwhelming majority of cyberattacks doesn’t require sophisticated technology or a highly skilled security department.”

Microsoft goes on to recommend 5 simple security measures, including multi-factor authentication, restricted use of administrator accounts, and keeping software up to date.

Read more: https://cybernews.com/security/microsoft-simple-cyber-hygiene-can-prevent-trillions-in-cyber-risk

>>>>> TWO STATISTICS <<<<<

1: 150 million

150 million people will benefit from Google’s decision to turn on two-factor authentication by default later this year.

“We know that having a second form of authentication dramatically decreases an attacker’s chance of gaining access to an account [..] By the end of 2021, we plan to auto-enrol an additional 150 million Google users [into two-factor authentication]”

Read more: https://blog.google/technology/safety-security/making-sign-safer-and-more-convenient via https://www.ncsc.gov.ie

2: 55 billion

There were “55 billion new attempts at brute-force password-guessing attacks between May and August 2021 alone”, according to research by security company, ESET. The most popular attacks focused on RDP services that are used by staff to gain remote access to their employer’s IT systems.

Assuming two-factor authentication (2FA) is in use on these remote access systems, none of these 55 billion attacks would be sufficient to enable the cybercriminal to gain access to a company’s systems.

Read more: https://www.zdnet.com/article/these-systems-are-facing-billions-of-attacks-every-month-as-hackers-try-to-guess-passwords/ via https://securethevillage.org/news

>>>>> ONE ACTION <<<<<

1: Keep privileged accounts for special occasions

Building on one of Microsoft’s recommendations, many malware infections will fail to cause significant damage if the account in use on the device is not a “privileged account”.

In plain English, a privileged account is an account that allows you to make changes to your IT system or device – e.g. change configuration settings; install applications etc. In simple terms, if you are able to install software on your Windows laptop, you are using a privileged account. If this is the only account that you use to log in to your laptop, a ransomware infection will thrive on your device.

Switch your everyday use to a “standard account” – an account that has limited privileges. If / when you need to make changes, you can enter the credentials of a separate privileged account.
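
To check which kind of account you are using today, the following PowerShell script is an added example (it is not from Microsoft or from the articles above). It assumes a Windows 10/11 laptop with the built-in local accounts cmdlets, run from a normal PowerShell window, and the variable names are illustrative.

```powershell
# Added example: is the account I am signed in with a "privileged account"?
# Assumption: a locally managed Windows laptop; admin rights granted through
# nested domain groups are not resolved by this check.

# Well-known SID of the built-in Administrators group. Using the SID avoids
# depending on the group's localized display name.
$adminGroupSid = 'S-1-5-32-544'

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]::new($identity)

# True only when this window was started with "Run as administrator".
$elevated = $principal.IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)

# Direct members of the local Administrators group.
$members    = @(Get-LocalGroupMember -SID $adminGroupSid -ErrorAction Stop)
$memberSids = @($members | ForEach-Object { $_.SID.Value })
$isMember   = $memberSids -contains $identity.User.Value

# Other enabled local administrator accounts. At least one must exist
# before the everyday account is changed to a standard user.
$otherAdmins = @($members |
    Where-Object { $_.ObjectClass -eq 'User' -and
                   $_.SID.Value -ne $identity.User.Value } |
    ForEach-Object { Get-LocalUser -SID $_.SID -ErrorAction SilentlyContinue } |
    Where-Object Enabled)

[pscustomobject]@{
    Account            = $identity.Name
    InAdministrators   = $isMember
    SessionElevated    = $elevated
    OtherEnabledAdmins = ($otherAdmins.Name -join ', ')
} | Format-List

if (-not $isMember) {
    Write-Output 'Your everyday account is a standard account.'
} elseif ($otherAdmins.Count -eq 0) {
    Write-Warning ('Your everyday account is the only enabled administrator. ' +
        'Create a separate administrator account before changing this one.')
} else {
    Write-Warning ('Your everyday account is privileged. ' +
        'Change it to a standard user and keep the other account for changes.')
}
```

An account in the Administrators group can show `SessionElevated : False` because Windows withholds its administrator rights until an elevation prompt is approved; `InAdministrators` is the value that tells you whether the account itself is privileged.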