Canadian Cybersecurity Research | 5 Essential Cybersecurity Services | The Cyber Review

June 14, 2021
Written by Ana R.

Canadian cybersecurity firm finds manufacturing companies were biggest ransomware targets in first half of 2021

Manufacturing companies were the biggest targets of ransomware attacks in the first half of 2021, according to a new report from a Canadian-based international managed services provider.

39 per cent of the victims listed on the data-leak websites of ransomware groups were in the manufactured goods category.

Ways to reduce risk

--> Restrict software’s ability to run from the Windows %appdata% and temp folders.

--> Restrict web browsing and email use by privileged users such as administrators, who are the main targets of attackers. Have separate accounts for administration and day-to-day computing.

--> Understand what their critical data assets are and how to protect them.

--> Ensure backups are and can’t be encrypted by an attacker.

--> Have a good business continuity plan that can be implemented quickly.
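
Before enforcing the first recommendation above, it helps to know what already runs from those folders, since some legitimate per-user installers do. The following is an added example, not from the report or the original article: it audits process-creation records and reports the ones a deny rule on %appdata% and temp folders would hit. The record layout, function names and sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Locations the recommendation targets: per-user AppData (which holds
# %appdata% and the per-user %temp%) plus the system-wide temp folder.
# Patterns run against a normalised, lower-cased path.
USER_WRITABLE = [
    ("appdata", re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\(?!local\\temp\\)")),
    ("user-temp", re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\local\\temp\\")),
    ("system-temp", re.compile(r"^[a-z]:\\windows\\temp\\")),
]
# File types treated as runnable for this audit (an assumption; extend as needed).
EXEC_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".ps1", ".vbs", ".js", ".msi"}


def classify(image_path):
    """Return the matching location label, or None if a restriction would not apply."""
    # Normalise first so quoting, case, forward slashes and '..' segments
    # cannot hide the real location of the file.
    path = ntpath.normpath(image_path.strip().strip('"')).lower()
    if ntpath.splitext(path)[1] not in EXEC_EXTENSIONS:
        return None
    for label, pattern in USER_WRITABLE:
        if pattern.match(path):
            return label
    return None


def audit(events):
    """events: iterable of (host, user, image_path). Return the rows a deny rule would hit."""
    hits = []
    for host, user, image in events:
        label = classify(image)
        if label:
            hits.append((host, user, label, image))
    return hits


# Constructed sample records, shaped like the image-path field of a process-creation log.
SAMPLE_EVENTS = [
    ("WS01", "alice", r"C:\Program Files\Vendor\app.exe"),
    ("WS01", "alice", r"C:\Users\alice\AppData\Roaming\updater.exe"),
    ("WS02", "bob", r'"C:/Users/bob/AppData/Local/Temp/7zS1A2B/setup.EXE"'),
    ("WS02", "bob", r"C:\Program Files\..\Users\bob\AppData\Local\Temp\run.ps1"),
    ("SRV1", "SYSTEM", r"C:\Windows\Temp\patch.msi"),
    ("WS03", "carol", r"C:\Users\carol\AppData\Local\Temp\notes.txt"),
]

if __name__ == "__main__":
    for hit in audit(SAMPLE_EVENTS):
        print(*hit, sep="\t")
```

Each reported row is either something to block or something to add as an explicit exception before the restriction is switched on.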

5 Essential Cybersecurity Services

1. Threat Detection and Response

By monitoring popular software and SaaS apps on your customers’ endpoints, such as Microsoft 365, you can detect abnormal behavior, stop it and investigate whether something malicious is happening. Endpoint monitoring and threat detection are the frontline in preventing attacks because any device (phone, laptop, computer) can be an entry point for malware.

Threat detection and response services can include:

  1. Monitoring and analyzing logs
  2. Security information and event management (SIEM) management
  3. Customizing alerts for individual users and devices
  4. Dark web scanning to detect stolen credentials
  5. DNS protection

2. Risk Assessments

A risk assessment can be a starting point for a discussion around compliance with key security and privacy regulations. A thorough risk assessment includes network vulnerabilities, data compliance issues and even internal threats.

Conduct risk assessments that cover areas such as:

  • How employees are trained/educated about cybersecurity
  • If and how threats are documented and addressed internally
  • Whether the organization assesses IT assets for vulnerabilities
  • Any plans or processes for addressing cybersecurity incidents (and whether that plan is followed during an actual incident)

3. Security Operations Center (SOC) as a Service

SOC-as-a-Service can be offered via trusted partners and vendors rather than by building an in-house SOC service, which can cost millions.

4. Threat Intelligence

Organizations can receive information about emerging threats from an Information Sharing and Analysis Center (ISAC) or other threat intelligence provider. With advance notice of an attack, organizations can scan for vulnerabilities, patch vulnerabilities and get ahead of the hackers.

5. Backup and Disaster Recovery

Without backups and recovery tools, the organization loses revenue and its reputation is at risk.

Having a backup can be the difference between desperately paying a ransom to hackers or simply ignoring them. Plus, even if an organization does pay the demand, there’s no guarantee that the hackers will actually release the data, so having a backup also ensures that an organization can recover data.