Five Biggest Cyber Security Mistakes That Show The Need For Automated Defences

As a cyber security software vendor, we’ve conducted many risk assessments for enterprises. Over the years we’ve seen some egregious security faux pas, even at highly regulated organisations. However, despite the occasional outlandish blunder, most of the IT security mistakes we witness are fairly common and predictable. In our experience, here are the five most frequent information security errors that organisations make:

  • Common credentials: Setting all workstations and/or server administrator accounts to the same password is a convenience for IT – but also for hackers.  If one machine is compromised and the password discovered, all the machines with that same password become compromised.
  • Local administrators: Allowing users to logon as administrator of their own machines is a normal, although perilous, IT practice.  Should malware take over a machine, attackers can potentially gain access to the domain administrator accounts that manage the system. That can quickly escalate to the point where an organisation loses total control of its enterprise.
  • Persistent access. Too many organisations allow systems or applications to use domain administrator accounts with long-lived privileged passwords to manage machines.  Problem is, if an intruder steals the password he can use it to maintain access for as long as that credential remains unchanged – whether it’s weeks, months or even years.
  • Porous perimeter. Perimeter security tools like firewalls and intrusion detection are effective at defending against known threats. But targeted phishing attacks, zero days and similar advanced threats can easily bypass perimeter protections and infiltrate the network.
  • Bad assumptions. One of the most dangerously incorrect assumptions that many IT groups make is that their environment cannot be, or has not been, breached. That is a bad bet to make, but the problem compounds when nothing is done to proactively search for intrusions or compromised systems – and prepare for inevitable cyber attacks.

So what is an organisation to do when they’ve committed one or more of our top five cyber security mistakes? Here’s our first recommendation: air gaps. By that we mean disconnect critical systems from the Internet and don’t allow the use of untrusted peripherals on your network.

Then, consider implementing an internal defence solution which would ensure your privileged credentials are always in a changing state, and that any captured credentials have limited-time value.  And don’t forget about multi-factor authentication. It’s an essential defense-in-depth requirement since most cyber attacks capture user names and passwords with ease.

Philip Lieberman is CEO of Lieberman Software Corporation

Are you a security expert? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Uber Agrees To Support Minimum Wage In Australia

Uber reaches deal with federal transport union to support legislation over minimum pay for 'gig…

15 hours ago

Virtual Reality Sales Predicted To Take Off In Spite Of Economic Gloom

Market analysts see strong demand for virtual reality and augmented reality tech through 2026 in…

16 hours ago

Iran Steel Plants ‘Hit By Cyber-Attack’

Hacking group claims responsibility for reported attacks on several major Iranian steel plants, with one…

17 hours ago

US Says Private Investment Boosts EV Charger Manufacturing

US says private companies investing more than $700m to expand domestic electric vehicle charger manufacturing…

18 hours ago

Tencent Forms XR Unit In Metaverse Drive

China's most valuable company Tencent forms extended reality (XR) unit combining hardware and software as…

19 hours ago