As a leading provider of cyber-insurance solutions, 九色视频has extensive, first-hand experience with cybercriminals鈥 methods for carrying out data breaches, ransomware attacks and phishing schemes. This, in turn, has given us insights into how companies can strengthen their defences, including preventive measures that can be implemented at no or minimal cost.
All companies are vulnerable
Companies that hold personal or proprietary data and/or have massive numbers of endpoints鈥攅.g., laptops, smartphones, servers and IoT devices鈥攗sually recognise their vulnerabilities to cyberattacks. In response, many work with outside experts to implement the latest cybersecurity processes and tools to guard against increasingly sophisticated attacks.
But what about other companies, including small and medium-sized companies (SMEs), where these conditions don鈥檛 apply? Unfortunately, many mistakenly believe they are too small or insignificant to be targeted and have taken few, if any, steps to harden their defences and reduce their vulnerabilities. The data indicate that this belief is misplaced:
The following highlights some relatively simple but effective measures companies can implement to thwart cyberattacks.
MFA everywhere
Multi-factor authentication (MFA) adds an extra layer of protection beyond passwords, significantly reducing the risk of unauthorised access. Even if a password is compromised, usually because a user has chosen a weak or reused password, MFA requires additional verification鈥攆or example, a code sent to a phone, a fingerprint or a security token鈥攖o grant access. It is much harder for attackers to breach accounts when multiple forms of authentication must be compromised.
Privileged access management
Privileged accounts, such as Domain Administrator or Service Accounts, require elevated permissions to access, modify and control critical systems and data. They are also prime targets for cybercriminals. Privileged access management (PAM) tools can help protect these accounts from intentional or accidental misuse by controlling who has privileged access and how it is used. PAM typically includes credential management, session recording and auditing to enhance security.
However, PAM tools are expensive and, as such clients may look to implement more manual controls to protect their administrative accounts:
Set the EDR tool to block mode
Endpoint detection and response (EDR) systems monitor suspicious activity on endpoint devices like computers, servers and mobile devices. The systems also collect and analyse data to detect threats, assess security incidents and respond to potential breaches.
Many, although not all, EDR solutions come with a block mode feature that prevents malicious activities or behaviours in real time. When block mode is enabled, the EDR system detects and stops suspicious activity by quarantining files, terminating malicious processes or blocking specific network traffic. Enabling block mode enhances the EDR's proactive security capabilities, allowing it to act autonomously to protect the system rather than just alert users or administrators to potential issues.
Network segmentation
Dividing a network into smaller, more manageable sections via Subnets or Virtual Local Area Networks (VLANs) limits intruders' lateral movement. Each subnet or VLAN operates as a smaller network within the larger network, allowing administrators to control access, manage resources efficiently and reduce congestion. Thus, even if a threat actor gains access to one segment, e.g., through a compromised device, they can鈥檛 access other systems or data.
Segmenting a network isn鈥檛 technically challenging. The first step involves determining how many subnets or VLANs are needed, considering factors like departments, physical locations and network functions. Then, subnets and VLANs can be created by configuring the routers or switches based on the number of users/devices accessing each subnet.
Disable external RDP
Remote desktop protocol (RDP) is a Microsoft protocol that allows users to control and access another computer remotely. It is commonly used for remote work or troubleshooting. However, leaving RDP open to the internet poses a significant security risk, as threat actors have tools to scan for externally exposed RDP ports. When such exposed ports are located, attackers can launch brute-force attacks, gain unauthorised access or spread malware.
Disabling external RDP reduces the risk of external threats by ensuring that:
In conclusion, considering the increasing frequency of attacks, the evolving threat landscape鈥攊ncluding the use of AI to launch more sophisticated attacks鈥攁nd the financial and reputational harms, companies today can鈥檛 afford to ignore the possibility of being targeted by cybercriminals. In this rapidly evolving landscape, a proactive approach to cybersecurity is not just a competitive advantage but a necessity. At the same time, experience shows that some low- or no-cost solutions鈥攁s outlined above鈥攚ill significantly reduce the threats.
Global Asset Protection Services, LLC, and its affiliates (鈥溇派悠礡isk Consulting鈥) provides risk assessment reports and other loss prevention services, as requested. In this respect, our property loss prevention publications, services, and surveys do not address life safety or third party liability issues. This document shall not be construed as indicating the existence or availability under any policy of coverage for any particular type of loss or damage. The provision of any service does not imply that every possible hazard has been identified at a facility or that no other hazards exist. 九色视频Risk Consulting does not assume, and shall have no liability for the control, correction, continuation or modification of any existing conditions or operations. We specifically disclaim any warranty or representation that compliance with any advice or recommendation in any document or other communication will make a facility or operation safe or healthful, or put it in compliance with any standard, code, law, rule or regulation. Save where expressly agreed in writing, 九色视频Risk Consulting and its related and affiliated companies disclaim all liability for loss or damage suffered by any party arising out of or in connection with our services, including indirect or consequential loss or damage, howsoever arising. Any party who chooses to rely in any way on the contents of this document does so at their own risk.
US- and Canada-Issued 尤物视频Policies
In the US, the 九色视频insurance companies are: Catlin 尤物视频Company, Inc., Greenwich 尤物视频Company, Indian Harbor 尤物视频Company, XL 尤物视频America, Inc., XL Specialty 尤物视频Company and T.H.E. 尤物视频Company. In Canada, coverages are underwritten by XL Specialty 尤物视频Company - Canadian Branch and AXA 尤物视频Company - Canadian branch. Coverages may also be underwritten by Lloyd’s Syndicate #2003. Coverages underwritten by Lloyd’s Syndicate #2003 are placed on behalf of the member of Syndicate #2003 by Catlin Canada Inc. Lloyd’s ratings are independent of AXA XL.
US domiciled insurance policies can be written by the following 九色视频surplus lines insurers: XL Catlin 尤物视频Company UK Limited, Syndicates managed by Catlin Underwriting Agencies Limited and Indian Harbor 尤物视频Company. Enquires from US residents should be directed to a local insurance agent or broker permitted to write business in the relevant state.
