Every Month is Cybersecurity Awareness Month
As we near the end of October, we also near the end of National Cybersecurity Awareness Month (NCSAM). Hopefully, during this month more attention was given to cybersecurity in your organization. Maybe you reviewed or renewed your policies to keep up with the new way of work, started developing an internal threat strategy or gave your employees refreshed cybersecurity training. But the end of NCSAM does not mean you can coast for the next year and wait until next October to review your organization’s cybersecurity awareness strategies.
The cybersecurity landscape is changing rapidly, and so too are the risks. This year, with more employees working remotely than ever before and the economic downturn from the COVID-19 pandemic, protection against internal threats has never been more important. A report by Tessian found that between March and July of 2020, 43% of all security incidents reported were caused by malicious insiders. Additionally, over the last two years, there has been a 47% increase in the frequency of incidents involving internal threats, according to the Ponemon Institute “2020 Cost of Insider Threats Global Report,” with this increase expected to continue as the effects of the pandemic continue to be felt globally.
According to AXA’s recent Future Risks Report 2020, phishing emails rose 600% over the course of the lockdowns. This is due largely to cybercriminals targeting employees working from home, who are using unprotected networks and personal devices and are distracted enough by their home life that they easily fall for the attackers’ poorly worded emails. On the other side of this year’s risk-prone coin, the economic recession felt around the world has caused furloughs, massive unemployment and financial/social pressures. Historically, in times of recession, the number of fraud cases increases, and this year is no exception. According to ACFE’s COVID-19: Benchmarking Report, 77% of respondents said they had observed an increase in the overall level of fraud, with one-third noting that this increase has been significant.
To ensure that your internal cybersecurity strategy is effective, it needs to be continuously evolving to keep up with the new threats. Below are four steps you can follow to ensure your strategy is robust and keeps the momentum from NCSAM:
- Defining Roles and Risks
You may be thinking “I already have SAP roles” or “we already performed a roles redesign project,” but we are not talking about roles in the technical sense. Instead, look at the roles and responsibilities of the individuals in your organization when it comes to managing and accepting risks. Who is approving the requests? Have they had the right training? Do they know the correct escalation procedures? Do they know who to contact when there is a problem? Make sure that you are not giving this responsibility to someone who has no idea what they are approving and is just pressing a button.
- Constant Monitoring of Access Risks
Instant and constant visibility of access risks is crucial. Seeing who is violating the risks, in an intuitive, easy-to-read manner, gives you the visibility you need to remediate them. By automating this step, you will save your security team a lot of grunt work and time that is better spent on business-critical tasks.
- Remediate Based on Unused Access
The easiest place to start when remediating is removing unused sensitive access. This is the low-hanging fruit. These are risks that are unnecessary, and removing them does not impact the business or a user’s day-to-day job. Leveraging technology and tools is a great way to do this quickly and effectively.
- Protect Sensitive Data
An effective way to protect your sensitive data is by leveraging emergency access management. Emergency Access Management (EAM) allows security and risk owners to grant temporary elevated access to users in a compliant manner, without exposing the company to unnecessary risks. Sometimes access privileges need to be elevated or granted for employees, contractors or external parties for a limited period of time. Utilizing technology to automate and track the process at each step (from requesting, approving, and granting to revoking access when the request period has elapsed) helps ensure that the access is granted in a secure and compliant manner.
Delivering an effective cybersecurity awareness strategy is an ongoing process that needs to be addressed every month, every week, every day, not just during NCSAM. For more information about how you can ensure your cybersecurity and SAP security strategies are effective and efficient all year round, join Protect4s and ERP Maestro experts on November 19 for a discussion on identifying, remediating, and reporting security and GRC vulnerabilities before they are exploited.