Back to Basics: Retro Cybersecurity Lessons Still Matter

We are all too familiar with the game of leapfrog being played between cybersecurity personnel and hackers as stories of data theft, identity theft and malware are reported daily. Luckily, technology is often on our side. Machine learning can now watch for strange and unexpected behaviors, alert artificial intelligence systems when an anomaly is spotted and trigger automated actions in the blink of an eye to quarantine an infected system or alert the security team to quickly act.

So, it’s all good? Not so fast. People are becoming complacent and ignoring the basic lessons we learned decades ago. Technology has advanced immensely since 1990 when the term “cybersecurity” arrived on the scene.

In 1990, passwords were simple. Most people only needed three: work login, email login and dial-up internet. They were updated irregularly and used simple phrases. This changed with the rise of online shopping through retailers like Amazon and eBay. People needed to tie credit cards to their accounts and start using longer passwords considering there was more at stake. 

Step forward to 2018 and we now store everything from photos to finances online. But passwords have actually become weaker – the most common in 2017 was still PASSWORD. Meanwhile, cybercriminals are turning to email more than ever to execute attacks. You’ve heard it 1,000 times, but the importance of practicing good password hygiene still rings true. We need to remember best practices, personally and in business:

● Change your password regularly and follow complexity guidelines. Ideally, a password is no less than eight characters with a mix of letter case, numbers and symbols.

● Don’t reuse passwords. For business especially, identity and access management systems can ensure unique passwords and prevent reuse.

● Use two-factor authentication where possible, but remember two-factor authentication that’s backed by a weak password can still prove ineffective.
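The complexity, common-password and reuse rules above can be enforced in one check. The sketch below is an added example, not code from the article: the function names, the tiny deny-list and the choice of PBKDF2 for the reuse history are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8  # the article's stated minimum
# Constructed sample deny-list; real deployments load a far larger breach list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein"}

def _digest(password: str, salt: bytes) -> bytes:
    # Salted PBKDF2 so the reuse history never stores plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def remember(password: str) -> tuple[bytes, bytes]:
    """Create a (salt, digest) history entry for an accepted password."""
    salt = os.urandom(16)
    return salt, _digest(password, salt)

def check_password(candidate: str, history=()) -> list[str]:
    """Return the policy violations for candidate; an empty list means accept."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.islower() for c in candidate):
        problems.append("no lowercase letter")
    if not any(c.isupper() for c in candidate):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("no digit")
    if not any(c in string.punctuation for c in candidate):
        problems.append("no symbol")
    # Complexity alone accepts "Password1!": strip the decoration, then deny-list.
    core = candidate.lower().strip(string.digits + string.punctuation)
    if {candidate.lower(), core} & COMMON_PASSWORDS:
        problems.append("common password")
    # Reuse: re-hash the candidate with each stored salt, compare in constant time.
    if any(hmac.compare_digest(_digest(candidate, s), d) for s, d in history):
        problems.append("reused password")
    return problems
```

Note that "Password1!" satisfies every complexity rule and is rejected only by the deny-list step, which is why complexity guidelines on their own are not enough.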

Malware has become more prevalent and diverse since the 1990s, no longer reliant on floppy disks or downloads from dial-up bulletin boards. But that doesn’t mean old adages are superfluous. When viruses started to spread by email, anti-virus became an important protection tool. Now in 2018, malware is spreading at epidemic rates with hundreds of millions of new samples being discovered every day. Traditional anti-virus software cannot keep up as malware hides, shape-shifts and time-detonates, but this does not mean that it’s any less important. Some key tips to keep in mind include:

● Always use the most recent anti-virus software available and ensure that it’s updated regularly for the latest signatures. 

● Avoid disabling advanced features. When you keep your security products up to date, you can ensure that the best protection for your organization is always available. Current toolkits are cloud-enabled, so if a new threat is detected, you can make sure you are protected in real time.

● Ignore the old arguments that anti-virus “slows down my computer.” While this may have been true with the inefficient software of the 1990s, computers today are so powerful and have such well-managed software that antivirus won’t have more than a two percent impact on performance – a hardly noticeable amount. 

Now, let’s think about the network. In 1990, we had a simple firewall, a computer without a cable was considered ‘disconnected’ and the Wi-Fi explosion had not yet happened. Protecting the network was fairly simple, only requiring basic firewalls. This is where we’ve seen drastic change with the availability, bandwidth and expectation of 24/7 access to information. 

All of these factors are driving the network to become better, bigger and faster. But as much as it’s the superhighway for all information and collaboration needs, it is also the superhighway for moving threats around, stealing data and preventing access. This is what we should be thinking about in 2018:

● Your network sees everything – every spreadsheet, every email, every anomaly. It’s like a digital heartbeat – it needs to be monitored for fluctuations.

● Leverage intelligence. Remember that not all devices have built-in security – like IoT sensors or industrial controls – and cannot self-protect. Network intelligence turns data into actionable insight for your security posture, which can be used to create dynamic policies for faster mitigation and remediation of threats.

● Security solutions must work together. It’s rare today for an organization to rely on a single vendor for all their cybersecurity needs – but it’s imperative that all solutions leverage the same intelligence, use the same policies and work cohesively.

Lastly, in 1990, cybersecurity companies operated as competitive adversaries. Today, this is no longer practical as the reality is that we’re all out to prevent the same threats. Although we still compete at the business and solutions level, it’s critical that cybersecurity vendors also share threat information. When a new threat is discovered, the fingerprint for that threat should be shared as quickly as possible, enabling all vendors to protect their customers.

Original author: Laurence Pitt