Companies across the globe have been fighting cyber-attacks for years, but the sophistication, frequency and intensity of attacks is increasing.
Due to the skill level required to execute attacks, these attacks were previously focused on larger organizations as they represented the deep pockets necessary to finance a return. As the tools have become more ubiquitous, however, the targets have trended heavily toward small to midsize companies of less than 1,000 employees and $1B in revenue—where many environmental services companies live.
In this blog post, I’ll outline the current cybersecurity issues that you need to understand, how they can impact you, and what you can do as an environmental consultant or company leader to mitigate your organization’s risk.
Why you need to care about cybersecurity
There are many reasons why the environmental services industry is vulnerable to cyber attacks, but there are a few key issues.
It has become incredibly easy for cyber criminals to execute attacks. These attacks once required specialized knowledge, but the rise of the hacking business model of ransomware-as-a-service has brought effective hacking tools to the hands of criminals that previously lacked the knowledge to execute such attacks.
Business rely on online tools more than ever before, and have become more willing to quickly pay to restore their business operations. The rise of privacy laws and associated lawsuits has offered attackers an additional incentive to request quick or even double payment as a company’s liability has expanded from network breach to data privacy protection.
Many organizations have not updated their security approach. They continue to rely on traditional preventative methods instead of a more layered approach that combines preventative measures with proactive solutions. This is either due to lack of awareness or the impact of the perceived “inconvenience” it causes their end users.
Many companies cannot afford to hire dedicated cyber security professionals to architect solutions to the issues above.
Common cyber attack methods
There are a multitude of ways cyber criminals operate, but there are probably a few efforts you’ll recognize, such as:
Phishing: providing a false website or link to extract your credentials or other important information that will be used in other attack vectors
Spoofing: mimicking a trusted resource within your company to affect a bank change, payment or gift card fulfillment
Business email compromise: where a hacker will use your email to phish or spoof a partner
Network or data breach: where hackers will gather information within your environment for sale on the dark web or provide addition vectors of attack
The reality is that hackers are showing much more sophistication in not simply executing the above, but leveraging this into more complex and long life end goals where they monitor and learn your behavior to send false invoices into your AP department, request false direct deposit/bank requests into your finance department, or even attack your partners with false bank change information to siphon off your receivables.
In the next few years, every environmental services company and their partners will become victims to these attacks at some level. The question is what will they do today to either minimize or mitigate the challenges these attacks will impose?
As the Chief Information Officer at Cascade, I want to offer an overview of what my team is doing—so you know how we’re keeping our (and your) data safe, but also to provide a possible roadmap for your own organization.
Preparing for and mitigating risk of cyber attack
At Cascade, our layered approach to protecting our company and our partners falls into four general areas:
- Identity management
- Endpoint protection
- Proactive detection and response
- Access and behavioral management
Our employees’ identities (login) are the edge of network security and must be protected at all costs. The two easiest ways to build a strong identity program are to implement multi-factor (MFA) identification and to minimize the number of identities through single sign-on (SSO).
MFA identification is the single most straightforward way for you to protect the security of your organization. If you do not currently have this implemented, do so immediately.
Beyond that, we only allow systems that require MFA as part of our software architecture and we monitor the behavior of those identifications heuristically through SSO at both a behavioral and geographic level.
Like most companies today, we employ a number of endpoint tools like firewalls and anti-virus/anti-malware tools. It would be fair to say this is where cybersecurity ended for most companies just a few years ago. But as the threat vector has morphed, additional strategies need to be employed that focus on behavior and assumed breach, which leads us to other critical layers of protection.
Proactive detection and response
The two areas above will provide a great shield but using the same mindset, we further employ proactive tools that monitor application and network behavior for aberrations and automatically respond to anomalies through both artificial intelligence and human research to ensure the integrity of the identities and behavior.
Access and Behavioral Management
Layering with the identity protection, we assume that every connection request is not to be trusted and therefore subject to validation with the various layers that we employ. Too often, systems are designed around the convenience of access, not the optimization of security. By building a profile of our employees’ connection behavior, we can challenge abnormal devices, location and application behavior at a core level as employees identities access systems.
I hope this high level review of our strategy will help your company start its own journey to cybersecurity strength. The Cascade Information Services team is always willing to share our knowledge with you and partner to fight back against this increasingly sophisticated problem.