Q&A: Top five best practices and trends in defending against cyberattacks
It’s no secret that cybersecurity is of primary concern in boardrooms, in the halls of academia, and in federal, state, and local governments. IBM, in its most recent Cost of a Data Breach Report, reported that the global average cost of a data breach in 2023 was $4.45 million, representing a 15% increase over three years. And that’s just the financial aspect — how can you calculate the possible reputational impact to your brand?
Even the most optimistic of prognosticators are calling for 2024 to be more stressful for cybersecurity professionals than 2023. This is due to a variety of factors: The advent of AI-fueled data sharing, the advancement of operational technology (OT) and the Industrial Internet of Things (IoT) have all broadened the attack surface.
I recently sat down with Chuck Brooks, President of Brooks Consulting International, who is a globally recognized thought leader and subject matter expert in Cybersecurity and Emerging Technologies. I asked him to provide insight on the top five best practices and trends in defending against cyberattacks.
Brian Kelly: What are the most critical steps to securing a computer network?
Chuck Brooks: The expansion of connectivity of people and devices on the internet has enlarged the attack surface target area for breaches. Also, the development of the IoT has completely changed the dynamics and the size of the expanding cyberattack surface. With an estimated 50 billion connected devices and trillions of sensors working among them, hackers have many options to breach cyberdefense and exfiltrate data. Therefore, securing networks can be very challenging in the current ecosystem.
Taking a risk management approach is fundamental to the security of a computer network. Based upon a risk management architecture, there are a variety of solutions, services, and protocols to consider as no one size fits all.
I would recommend organizations use an established cybersecurity framework that draws on industry experience and best practices, such as those provided by the National Institute of Standards and Technology (NIST). Next, they should do a vulnerability assessment of all devices connected to your network (on-premises and remote) and create a cybersecurity incident response plan.
They should use multi-layered cybersecurity protections, strong firewalls, secure routers and WiFi. And then they should regularly scan all software for vulnerabilities in networks and applications, and regularly update and patch vulnerabilities to both networks and devices.
On the behavioral side, companies should implement security awareness training for all employees. They should set up privileged administrative access for device controls and applications and use strong authentication and biometrics for access control. Further, organizations should encrypt sensitive communications, especially for data in transit.
Finally, organizations should consider managed security and external subject matter experts if they do not have in-house resources to carry out these tasks.
Brian Kelly: What are the most prevalent cyber threats today?
Chuck Brooks: Phishing and ransomware are always at the top of the cyberthreat matrix. Advances in technology have made it easier for hackers to phish. They can use readily available digital graphics, apply social engineering data, and a vast array of phishing tools. With AI-automated phishing attacks, it’s likely phishing will continue to grow and remain the top choice for hackers to target victims.
Ransomware often accompanies phishing. With the ability to receive the ransom via cryptocurrencies and with so many potential targets available, ransomware will likely be around for a long time.
Ransomware has only become more sophisticated and more widely available over time. In fact, cybercriminals can now subscribe to “Ransomware-as-a-Service” providers, which allow users to deploy pre-developed ransomware tools to carry out attacks in exchange for a percentage of all successful ransom payments.
AI and machine intelligence will also be used to spread malicious software, choose targets automatically, check infected environments before moving on to the next step of the attack, and stay hidden. Cybercriminals are using AI to spread a wide range of harmful digital risks.
Brian Kelly: Could you please explain the role of patch management in maintaining security?
Chuck Brooks: To fix a security hole in software, the company that made it releases a small piece of software called a patch. They can save you a lot of trouble, though, if you install them.
If patches were put in at the right time, many of the worst breaches could have been stopped. Not so much installing the patches as handling the logistics of patching an entire system is what gives enterprise-sized businesses the most trouble. More than anything else, it's project management.
Tools that automatically handle patches are often used because so many devices and programs need to be kept up to date with the latest code. Working with a managed services partner can be a great way to ensure that all systems and equipment receive patches as they become available.
Brian Kelly: What are your thoughts on the key elements of a strong security policy?
Chuck Brooks: To keep up with new threats, a strong security policy with a cybersecurity plan should be both all-encompassing and flexible. Cybersecurity depends on the same types of security to keep people safe as physical security: layered awareness, readiness, and resilience. The public and private sectors need to work together to share threat information, best practices, incident reaction, and new technology that can help stop attacks.
When people refer to security by design, they are discussing ways to keep up with new online threats, by planning, updating and strengthening networks. To be able to monitor, identify, and react to new threats, security by design means creating flexible systems that use operational cyber fusion. Protecting weak networks and letting people connect from afar should be a top concern. Security by design can also find practical and system dependencies early on, which gets rid of risk.
Vulnerability assessments need to be a part of the process from the start. The control systems and data flows should be mapped as part of this, and all networked devices should be given the most attention. A risk assessment can quickly find and rank cyber vulnerabilities so that you can promptly put in place solutions to safeguard important assets. This includes using new security tools and policies to protect and back up business enterprise systems.
Brian Kelly: What do you see as important future trends in cybersecurity?
Chuck Brooks: Two areas to watch will be artificial intelligence and quantum computing.
AI will be a key component of our digital future. Artificial intelligence will make threat analysis and mitigation work better across the whole organization. More automation and monitoring solutions will be put in place to make remote employee offices safer and to deal with the lack of workers.
AI automated network security solutions will keep data and apps safe and will include drives that encrypt and fix themselves. Cognitive automation will also make it possible to scan the horizon and keep an eye on networks so that they can report any changes or problems in real-time.
As we move past classical computing, a new age of data called quantum computing is starting to take shape. Data analytics and artificial intelligence are likely to change because of quantum computing. We will be able to solve some of the hardest problems in the world thanks to the speed and power of quantum computing.
Quantum computing is getting closer every month, and it is already being used in real life. With quantum computing, it will be possible to make computers that can handle enormous amounts of data and do calculations very quickly. In a few seconds, libraries will be ready to be downloaded. We have to prepare for these eventualities.
Brian Kelly: Thanks for your time and your insights today, Chuck.
Chuck Brooks: Thanks, Brian.
How Spectrum Enterprise can help
Our managed solutions can help IT leaders reduce the burden on their understaffed and overworked teams, by automatically ensuring that your network infrastructure is up-to-date and secure, following the policies set forth by your organization.
Over 80% of Fortune 500 companies rely on Spectrum Enterprise for technology solutions. Find out more about how Enterprise Network Edge can help you address cybersecurity issues.