April 13, 2015

Cybersecurity education in enterprise: not only for security employees

Business

Cybersecurity has become everyone’s business, and it raises demand for continuous updates of information for everybody, both high-level security professionals and common corporate users. And especially for the latter, since it is this group that criminals attack most of the time.

Pros and cons

Cybersecurity is supposed to be mainly a field of responsibility for dedicated professionals, and apparently this isn’t going to change any time soon. It’s hard to expect an accountant to have equal prowess in the area of cybersecurity as a seasoned cyberforensics expert, who spent years worth of time to become what he is.

It would be unfair, though, not to mention that today’s common users often are capable of doing with their PCs (and handhelds) what they weren’t expected to do ten or more years ago, and today’s accountant may know a lot about computers, software and even have some additional specialty knowledge (such as setting up a wireless network at home or in a small office). Still, it won’t make him capable of changing his career and becoming an IT security professional. The difference in expertise is still vast: it’s “I know a thing or two” vs. “I have worked in the field for many years”.

At the same time, speaking of field of responsibility, by “mainly” we don’t mean “exclusively”. In fact, it’s not professionals those are targeted by the criminals and APT groups, rather, it’s common users. They and their PCs, devices and the data they work with are essentially the new “endpoints”, and if we add a bit of bombast here, a battlefront of sorts.

Cybersecurity_education

The battle rages on and on

Indeed a battlefront, given the amount of new threats detected daily – 325,000 new malware variants, according to our recent stats. Whether the common corporate users are aware of these threats and whether they can ensure at least basic security of their data and devices, can affect overall business’ security immensely.

Cyberthreats are growing in number and sophistication, however, essential entry points remain the same: all kinds of phishing and other trickery to dupe clueless users into (most likely unwilling) “cooperation” such as running the malware or opening an exploit-ridden Word document. How good the users are at countering this trickery depends exactly on their awareness. And the amount of new malware clearly indicates that the awareness on average really could use some improvement, otherwise there would be much fewer threats and cybercriminals would tell each other fewer “success stories”.

Attackers are not geniuses

It’s worth mentioning, though, that, again on average, cybercrime today isn’t too advanced – it’s quite accessible to mediocre minds. In fact, it is enough to know where to buy and download your next banking Trojan, and how to spread it out. Not much of a creative work. But still it doesn’t decrease the menace; otherwise, with the cyberunderground becoming overcrowded, more advanced criminals have to come out with more and more competitive – and dangerous – crime tools.

Software and knowledge update

There is a necessity for continuous education of both IT specialists and common users, since who knows what they are going to encounter tomorrow? What kind of “exotics”? At the entry point there may be none: still the good old-fashioned Trojans, phishing, social engineering – methods don’t change much, and the “common” users should be capable of dealing with it. But if they fail, well… There comes the actual complexity and sophistication, hard work for cyberforensic experts who will have to identify and neutralize the source of the threat slipped into the corporate network. But first they have to know where and what to look at.

In other words, the awareness of both IT professionals and the end-users should be updated regularly, just like software. Again, those are software vulnerabilities and human mistakes – separately or together – those make malware effective and cyberattacks successful.

Take a look at this resource to find out more on Enterprise Security challenges and the ways to handle them.