|Struggling With The Basics Of Cybersecurity Hygiene
“Organizations continue to struggle with the basics of cybersecurity hygiene and risk management,” Richard Caralli, senior cyber security advisor.
“Business leaders across every sector should not wait for a ransomware event to be their wake-up call. Nor should they expect their cyber insurance providers to cover their losses if the organization cannot demonstrate even basic cybersecurity maturity,” he warned.
Axio said it identified “several emerging patterns that yield insights into why organizations are increasingly susceptible to ransomware attacks.
Seven key areas where organizations were deficient in implementing and sustaining basic cybersecurity practices:
- Managing privileged access
- Improving basic cyber hygiene
- Reducing exposure to supply chain and third-party risk
- Monitoring and defending networks
- Managing ransomware incidents
- Identifying and addressing vulnerabilities in a timely manner
- Improving cybersecurity training and awareness
Some Good News
On the good news front, the Axio survey found that many of the surveyed companies had at least taken some basic steps to ensure the security of their networks. Those steps included:
- Anti-virus solutions incorporating behavioural analysis (practised by 89% of respondents)
- Restrictions on unnecessary ports, protocols, services, and software (89%)
- Countermeasures against delivery of malicious payloads from websites (86%)
- Controls over potentially vulnerable services such as remote desktop protocol (83%)
- Routing of internet traffic through security appliances such as DNS or web proxy filters (83%)