- Chapters
- descriptions off, selected
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
End of dialog window.
- Chapters
- descriptions off, selected
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
End of dialog window.
Cybersecurity Fundamentals: Back to Basics
CybersecuritY Fundamentals
Conducting regular IT asset audits provides both security and compliance benefits, helping you identify security gaps, apply patches in a timely fashion, and keep your defenses up to date. This includes hardware and software and even extends to understanding software dependencies – a vulnerability in a software library used by a system you use may mean a vulnerability in your system. Shadow IT introduces further security gaps and blind spots that need to be remedied.
Shadow IT can account for more than 50% of the IT activity of some SMBs.
Unprotected edge devices such as firewalls or routers offer threat actors opportunities to access networks, intercept and mirror data, and recruit devices into botnets or other malicious infrastructure. Threat actors regularly scan for vulnerable devices. Regular patching and hardening management interfaces exposed to the internet are essential.
"vulnerabilities in internet-facing devices" was one of the top Initial Access Vectors
26% found in incident response engagements in 2023~ Learning from Incident Response: July – September 2023
Unmonitored endpoints mean reduced visibility for you and potential entry points for threat actors into your networks. Bring Your Own Device programs may lead to an increase in unmonitored devices, unless device management is required.
"network compromise" tied as the most prevalent engagement type in Q3 2023 – 16% ~ Learning from Incident Response: July – September 2023.
According to Microsoft, 80-90% of ransomware compromises come through unmanaged devices.
We understand that these recommendations, simple as they are to make, can sometimes be challenging to implement. However, working closely with a trusted technology partner like Secureworks provides a significant step forward in ensuring that your security practice keeps you safe.
Read the State of the Threat Report