PacketWatch Blog

5 Cyber Security Questions Business Owners Should Ask Their IT Department

Written by PacketWatch | August 26, 2019 1:30:00 PM Z

With daily revelations of new cyber threats and data breaches, business owners are looking to better understand and manage the risks and vulnerabilities that exist with their:

  • Information Technology (IT) Assets
  • Employees
  • Supply Chain Partners
  • Processes

They hear stories of the potential damage a breach can cause, but they struggle to understand how it could happen to their company.

Business owners can no longer deny the problem and need to talk forthrightly with their IT management team by asking the right questions about their preparedness.

This post will cover the first five (5) questions business owners should be asking their IT managers about their cyber security posture. Be sure to read Part 2 for five more questions that are essential to the conversation.

1. Are you able to tell me about all of the communications occurring on our network right now?

With the plethora of devices employees bring to work (BYOD) and the surveillance cameras, thermostats, access control systems and sensors (IoT devices) connected to the corporate networks, few organizations understand what is actually communicating on their networks. Improving network visibility and monitoring network traffic are two proven steps to enhancing the security of your networks. These steps allow you to identify an attack early and minimize the amount of damage done.

“…the majority of IT managers cannot even identify 45 percent of the traffic… 84% agree that this lack of network visibility is a critical issue.”

– SC Magazine

2. How would we know if a rogue device was connected to our networks? Or attached to our wireless network?

The number of IoT and BYOD devices connected to corporate networks is expected to double again by 2020, placing even greater demands on corporate networks. Yet few organizations are able to inventory, track and control what devices are connected to their networks and identify rogue or unauthorized devices. The inability to control access is a significant problem in that an unauthorized device may be used to leverage access to other systems and sensitive materials. A few commonsense controls and monitoring at key locations can vastly reduce your risk while not encumbering your employees with Draconian measures.

3. How would we know if someone on our network sent out a sensitive list of our customers to a competitor?

Many organizations unknowingly allow their employees access to remote management software (e.g. TeamViewer or GoToMyPC), file-sharing programs (e.g. Dropbox), messaging applications (Facebook, WhatsApp) and personal email accounts (e.g. Gmail) while connected to their company network. These tools can facilitate the leakage of sensitive information outside of your organization without you even knowing. Some business owners have a policy against the use of such programs but have no way to know for sure if these programs are being used. By monitoring and actively looking for these programs, business owners can more effectively stop the leakage of sensitive data.

4. What are the nature and types of cyber-attacks we are currently experiencing? How well are we catching/preventing them? How would we know if something got through our firewalls?

Nearly everyone has a corporate firewall in place and the hackers know it. That’s why they prefer to use other tactics like phishing, credential stuffing, and account hijacking to gain unauthorized access to your networks. With increasing sophistication, hackers use deception and social engineering to trick you and your employees into clicking on a link or accessing an infected website, bypassing your perimeter defenses. Once they are inside, nothing is watching for the telltale communications the malware uses to “check in” with outside controllers or to pivot and access other internal systems. By continuously monitoring communications protocols and understanding the hackers’ techniques, latent malware can be detected and eradicated more quickly.

“Having tools that heighten detective or forensic capabilities can significantly reduce data breach cost.”

– IBM/Ponemon – 2018 Cost of a Data Breach Study

5. How do we protect sensitive information handled, stored, transmitted, or accessed by third-party vendors?

Nearly every business relies on a network of vendors, suppliers, advisors, consultants, and partners to perform their daily tasks. Very few have inquired as to what business information those third parties maintain that you are responsible for and what steps they take to protect your information. Even fewer have written agreements assigning roles and responsibilities or creating the ability to audit the handling of your information. Would you want your supplier’s employees accessing your company network from their home computer? Or over a public network at the airport or coffee shop? More and more businesses will be asking you the same questions.

Next Steps

Every business owner needs to schedule a time to sit down and ask their IT management team these essential questions and decide on the level of risk they are willing to accept now and in the future. If the answers are not what you expect, engage with a knowledgeable team of experts to help fill the gaps and get to an acceptable level of risk.

 

Be sure to read Part 2 for 5 more questions:
10 Cyber Security Questions Business Owners Should Ask Their IT Department (Part 2)