On the sidelines of Trend Micro Red Code 2017, Trend Micro and Cyber Security Malaysia gave us a briefing on the key takeaway points from the cybersecurity conference.
The Trend Micro team comprised Goh Chee Hoh (Trend Micro Malaysia Managing Director), Ryan Flores (Senior Manager, Future Threat Research, Trend Micro AP) and Law Chee Wan (Technical Sales, Trend Micro Malaysia). Cyber Security Malaysia was represented by Dr. Aswami Ariffin (Senior VP, CyberDEF@CSRS).
The Trend Micro Red Code 2017 Key Takeaway Points
Cybersecurity Best Practices
- Keep legacy and current systems secure: There are organizations still using Windows XP, Vista, or 7, for all of which Microsoft has ended support. This means there will be no more security patches or updates, leaving these systems vulnerable to cyberattacks. The recommendation is to quickly move to a new system or keep the current ones secure with third-party security software.
- Protect data storage systems: Wherever data is – on-premise, cloud, or in virtualized or hybrid environments – it has to be protected.
- Detect/prevent breaches: Targeted attacks can breach your organization without ever alerting traditional early warning and defense systems. Fail to spot an incursion, and you could be hit with industry fines, reputation damage and legal costs.
- Protect information on endpoints: Your organization could have information residing on mobile devices, laptops, and multiple virtual and physical endpoints. The more endpoints, the greater the risk surface.
- Data encryption: Encrypted data is “useless” to a hacker without the decryption key. It is imperative to encrypt sensitive data both in transit and at rest.
- Backup of data: It is extremely important to have backups of consumer data. In the event that a breach happens and all information is stolen or encrypted by the hacker, at the very least an organization would still have the backups to carry on daily service while trying to resolve the issue.
- Frequent assessments: Regular “checkups” on the capabilities of the system, as well as on the knowledge and education of employees, are important. Trend Micro offers server assessments and recommends that the people within the organization also be assessed via methods such as sending out test “phishing” emails.
- Cybersecurity awareness programs help get employees up to speed with the latest attacks, safe internet practices, security policies, and how to spot a security threat.
- Within an organization, there must be security policies governing the use of data and access to certain systems and programs.
To mitigate the risk of infection as effectively as possible, organizations should take a layered approach to security – from the gateway to the network, server and endpoint.
- Email and Web Gateway Protection
This will give a good chance of preventing most ransomware from reaching your users – whether that’s via a phishing email or a malicious website.
- Endpoint Security
For the small percentage of ransomware threats that might make it through the web/email gateway protection, endpoint security will monitor for suspicious behavior, enforce application whitelists and provide vulnerability shielding to protect against the unpatched vulnerabilities that ransomware often takes advantage of.
- Network Defense
This layer guards against ransomware that spreads into the organization via network protocols.
- Server Protection
This is where most of the organization’s critical enterprise data will reside. It is essential to ensure any unpatched vulnerabilities are protected from ransomware via virtual patching, using a security solution that can monitor for lateral movement and file integrity.