Five Biggest Cyber Security Mistakes That Show The Need For Automated Defences

As a cyber security software vendor, we’ve conducted many risk assessments for enterprises. Over the years we’ve seen some egregious security faux pas, even at highly regulated organisations. However, despite the occasional outlandish blunder, most of the IT security mistakes we witness are fairly common and predictable. In our experience, here are the five most frequent information security errors that organisations make:

  • Common credentials: Setting all workstations and/or server administrator accounts to the same password is a convenience for IT – but also for hackers.  If one machine is compromised and the password discovered, all the machines with that same password become compromised.
  • Local administrators: Allowing users to logon as administrator of their own machines is a normal, although perilous, IT practice.  Should malware take over a machine, attackers can potentially gain access to the domain administrator accounts that manage the system. That can quickly escalate to the point where an organisation loses total control of its enterprise.
  • Persistent access. Too many organisations allow systems or applications to use domain administrator accounts with long-lived privileged passwords to manage machines.  Problem is, if an intruder steals the password he can use it to maintain access for as long as that credential remains unchanged – whether it’s weeks, months or even years.
  • Porous perimeter. Perimeter security tools like firewalls and intrusion detection are effective at defending against known threats. But targeted phishing attacks, zero days and similar advanced threats can easily bypass perimeter protections and infiltrate the network.
  • Bad assumptions. One of the most dangerously incorrect assumptions that many IT groups make is that their environment cannot be, or has not been, breached. That is a bad bet to make, but the problem compounds when nothing is done to proactively search for intrusions or compromised systems – and prepare for inevitable cyber attacks.

So what is an organisation to do when they’ve committed one or more of our top five cyber security mistakes? Here’s our first recommendation: air gaps. By that we mean disconnect critical systems from the Internet and don’t allow the use of untrusted peripherals on your network.

Then, consider implementing an internal defence solution which would ensure your privileged credentials are always in a changing state, and that any captured credentials have limited-time value.  And don’t forget about multi-factor authentication. It’s an essential defense-in-depth requirement since most cyber attacks capture user names and passwords with ease.

Philip Lieberman is CEO of Lieberman Software Corporation

Are you a security expert? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago