In cybersecurity, the AI hype is still rampant. Most vendors now offer some form of AI-enhanced detection software. However, many companies should not focus on detecting new threats and misaligned behavior patterns. Instead, they should focus on reinforcing the basics. For most organizations, the tried-and-true foundational practices should be the primary concern, providing a reassuring backbone to their cybersecurity strategy.
While backups, multi-factor authentication, training, automation, and a renewed user focus might sound less glamorous than machine learning, they are the pillars of a robust cybersecurity strategy. By prioritizing these foundational practices, you take control of your organization’s cybersecurity; no AI tool can compensate for their absence.
Automating Cybersecurity
Surprisingly, many administrators must enter a new user’s information more than once. Entering the same username, e-mail, and password repeatedly is prone to errors. Worse, when an employee leaves, it is almost impossible to remember every location where that user had an account.
The same is true for analyzing log files and monitoring systems and services. These tasks are repetitive and boring, which makes them prone to errors. They are also easy to automate, allowing administrators to focus on valuable tasks instead of data entry.
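As an added illustration of the offboarding problem above (not code from the original article), the following script reconciles each system’s account inventory against an HR roster so that stale accounts surface automatically instead of from memory. All rosters, system names and account identifiers are constructed sample data.

```python
"""Find accounts whose owner is no longer an active employee, and list
every system where a given user still has an account.
All data below is constructed for the example."""

# Constructed HR roster: the single source of truth for who is active.
HR_ACTIVE = {"alice", "bob", "carol"}

# Constructed per-system inventories. Identifiers differ per system
# (username vs. e-mail, mixed case), which is exactly why a manual
# offboarding checklist tends to miss entries.
SYSTEM_ACCOUNTS = {
    "vpn": ["alice", "bob", "dave"],
    "crm": ["Alice@example.com", "dave@example.com", "carol@example.com"],
    "wiki": ["bob", "carol", "svc-backup"],
}

# Service accounts are not employees; keep an explicit allow-list so
# they are reviewed separately rather than flagged as orphans.
SERVICE_ACCOUNTS = {"svc-backup"}


def normalize(account: str) -> str:
    """Map a system-specific identifier back to the HR username."""
    return account.split("@", 1)[0].lower()


def find_orphans(hr_active, system_accounts, service_accounts=frozenset()):
    """Return {system: [raw accounts with no active HR owner]}."""
    orphans = {}
    for system, accounts in system_accounts.items():
        stale = [a for a in accounts
                 if a not in service_accounts and normalize(a) not in hr_active]
        if stale:
            orphans[system] = stale
    return orphans


def accounts_for_user(username, system_accounts):
    """Return {system: [raw accounts]} for one user: the deprovisioning map."""
    found = {}
    for system, accounts in system_accounts.items():
        matches = [a for a in accounts if normalize(a) == username.lower()]
        if matches:
            found[system] = matches
    return found


if __name__ == "__main__":
    for system, stale in find_orphans(HR_ACTIVE, SYSTEM_ACCOUNTS, SERVICE_ACCOUNTS).items():
        print(f"{system}: remove {stale}")
```

Run on a nightly schedule, the orphan report replaces the "remember every location" step with a list that the helpdesk can act on.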
End-User Workflows Keep the Focus on Cybersecurity
Many fields have shown that focusing on goal-oriented workflows can improve both the outcome and the employee experience. Consequently, concentrating on what goals every worker wants to achieve, partitioning the steps into sensible workflows, and keeping employees engaged with just one application during the workflow can significantly reduce task switching.
Reduced task switching takes the focus off the tools and builds inertia against changing focus. Consequently, it becomes easier for the user to notice any disruption that indicates a scam. For example, if vendor management and invoice payment form a single fluent workflow, an e-mail asking employees to deviate from known procedures is more likely to raise questions.
Cybersecurity Training
Yet, nothing helps with detecting scams better than solid workforce training. Unfortunately, many IT departments commit several cardinal sins when handling training.
- First, training is not a shaming tool. Many departments will send test spam messages and condemn everyone who clicks on the link to extra training. Consequently, the employee associates cybersecurity with feeling ashamed, and the training misses the mark.
- Second, cybersecurity training is far too technical for many users. Techniques such as checking URLs within an e-mail, only clicking on trusted links, and verifying SSL certificate origins are beyond the average user’s ability. Instead, the training should focus on easy workflows and the emotional reaction to spam.
- Third, training cannot be a one-off event. It has to be part of the everyday workday. Gamifying the training, for example, with a leaderboard for the most reported spam, can significantly improve performance.
An effective training regime should replace stress and frustration with rewards and entertainment. It’s the difference between detention for failure and avoiding the issue by encouraging good behavior before a problem arises.
Multi-Factor Integrated Authentication
From credential stuffing to sorting through trash, attacks that use the user’s password account for around 60% of all cybersecurity incidents. Unfortunately, most organizations make it worse by requiring users to enter their password more often. According to the Cybersecurity & Infrastructure Security Agency, password complexity decreases the more passwords a user has to enter.
Even when workers share desks or data entry points, a single login tied to a device is sufficiently safe and much more effective. If fewer passwords are both more secure and more productive, why do we still see login screen after login screen?
Coupling an integrated single sign-on solution with multi-factor authentication takes security to the next level. Multi-factor authentication adds a second layer of protection to your IT systems. By relying on something you have (an app on your phone, for example), you remove one of the most significant limitations of humans, our memory for abstract letter sequences, from the equation. Just think twice about using biometrics: they are impossible to change if compromised.
Backups and Cyber Resilience
In our ever-digitalizing world, we must accept that we cannot stop every attack. Thus, cyber resilience becomes a significant part of the current defense against cyberattacks, and backups are a crucial part of IT. Today, the majority of cybercrime involves ransomware attacks, which encrypt the victim’s data and make it unusable for its owner.
With a working backup system, you can focus on restoring the data from your backup storage. Recreating it, or paying the criminal to release it, is unnecessary. Thus, once IT reinstalls the system, you can return to work.
A working backup system can turn an outage from a company-threatening catastrophe into an admittedly major inconvenience. Importantly, by not paying, you remove the incentive for criminals to try again.
Cybersecurity: Back to the Basics
No one would focus on fancy smart locks in a house with crumbling walls and foundations. Yet, in cybersecurity, we too often focus on the latest trends and gizmos. CEOs and boards might only understand the IT topics in the news, or our vendors have convinced us that our cybersecurity posture is already strong enough. Yet, if we do not take care of the basics of cybersecurity, our systems will never be adequately secured. You cannot save a crumbling foundation with a smart lock. Neither can you fix cybersecurity with the latest AI tools. Humans are simply too good at adapting, and they will outsmart any technology.