Fight breach fatigue: Protect your network endpoints today
Used with permission from Tektonika (HP)
by Jasmine W. Gordon
With headlines rolling in almost daily about massive security breaches and threats to your network endpoints, IT security professionals are becoming desensitized to cyber risks. Last year saw year-over-year growth in reported breaches of nearly 20 percent, hitting a record of over 5,200 incidents in 2017. That’s 7.8 billion exposed records, costing the global economy $600 billion.
Cybermiscreants are on a spree of smishing-ransomware-cryptojacking crime. When data breaches are a predictable daily occurrence, it’s hard to react with as much shock, horror, and vigilance as you should. Oh, a sophisticated social engineering attack coupled with a zero-day exploit? It’s just another Tuesday in 2018.
Feeling numb to cybercrime threats is such a common phenomenon it even has a name: breach fatigue. There’s too much crime to experience a blood pressure spike every time a new strain of malware is discovered, which happens every few seconds or so, but is there a middle ground you can reach?
Is “breach fatigue” real?
The general population is experiencing record-high rates of breach fatigue, according to Iowa State University Professor Rui Chen. An ISU study analyzed Twitter data to understand attitudes toward a high-profile hack, and researchers concluded people are numb and less likely than ever to practice secure behaviors, like changing their passwords regularly. “When an incident happens . . . people read that news and they start to lose interest,” says Chen. “They take [cybercrime] as a new normal in today’s society.”
IT pros should consider general feelings of numbness toward cybercrime a professional hazard. In fact, the effect of excessive safety warnings on workers is a well-known phenomenon called alert fatigue, in which busy workers become desensitized to safety alerts and fail to respond appropriately.
Wake up to risk
Five years ago, a major big box retailer lost 41 million customer records and the media had an absolute field day. There wasn’t nearly the same level of public outrage last year, when Yahoo admitted they lost 3 billion records, a credit bureau lost another 143 million, and countless other incidents emerged. The vast majority of data breaches fit a few common cybercrime patterns, and there are often months or years between the incident and disclosure to the public.
How do you know when you should try to recover from breach fatigue and pay attention to threats facing network endpoints?
- When there’s unique crime: Keep your eyes open when you see weird threats, like the steganography attack on the world’s largest global sporting event in 2018.
- When there’s a fumble: Recently, a popular fast-and-casual dining chain disclosed a loyalty program breach. Several days later, reports indicated the leak wasn’t closed. This is one of several fumbled breach responses. Apply the insights you can learn from these mistakes to your resiliency plan, so you won’t make the same ones.
- When there’s big data involved: Compilations of high-level data breach trends across thousands of businesses are gold, at least from a cyber risk solutions standpoint. Cross-industry data can reveal the real trends in companies falling prey to phishing and ransomware.
5 cyber risk solutions for breach fatigue
There are real risks associated with a bad case of data breach fatigue, at least based on research on how alert fatigue affects other sectors, like a manufacturing work site or the medical field. Don’t just roll over and accept the fact that there are uncontrollable levels of raging risks to your network endpoints. Instead, lock them up with these straightforward strategies:
- Patch your vulnerabilities. Despite best intentions, speedy patching is still a challenge—almost 50 percent of organizations wait a week to patch, while 17 percent will even wait up to a month. That’s just based on what IT pros are willing to admit. Don’t make it easy for the bad guys; stay on top of patching.
- Monitor your network. Can you detect all the endpoints on your business’s network? Solutions to automate device detection are crucial, since you can’t protect endpoints you don’t know about, including ones that shouldn’t even be on your network.
- Remove weak links. Harden your attack surface against crime-motivated wolves by removing vulnerable endpoints, like routers with a password of “admin” and business printers with wide-open ports. Safeguard devices, identity, and data from the inside out by investing in printers engineered for security, self-healing devices, and office technology that fights cybercrime just as hard as you do.
- Tackle breach fatigue behaviors. Your non-IT coworkers are likely suffering from breach fatigue. Address the risk of worsening human behaviors in the workplace by doubling down on awareness training. If you haven’t already, make it hard for lazy behaviors to thrive by simulating social engineering attacks and investing in smarter identity management tools.
- Upgrade your threat intelligence. With so many cybercrime risks out there, your chances of beating the bad guys are better if you up your threat intelligence. Use network monitoring tools powered by artificial intelligence and participate in threat intelligence exchanges. When it’s time to invest in new endpoints, prioritize business printers and other devices with built-in threat monitoring capabilities.
Stay resilient in the face of breach fatigue. You can’t anticipate when an incident will occur or the form it will take, but you can make sure you’re ready to recover. Cyber resiliency planning can help you make sure security basics, like endpoint protection, are consistently followed.
Resiliency planning also includes investing in backup and recovery solutions to avoid becoming another statistic in the list of businesses hit by ransomware. Don’t be apathetic; be proactive. While you can’t change the fact there’s a new cybercrime incident hitting the news almost every day, you can try your best to evade appearing as a featured headline in the latest security news.