
EasyVista | January 16, 2024

The Most Important Cybersecurity Features for Service Desks

One click, one employee. Then, boom! Cash App's vault cracks open, spewing millions of user records like confetti. This isn't some future-dystopia clickbait; it's our current reality.

In the Cash App Investing Breach (July 2023), hackers used a compromised employee account to access Cash App Investing's systems, exposing personal data and financial information of over 8 million users (about half the population of New York).  

This is just one example of the many sophisticated breaches we're seeing today that have impacted Uber, Spotify, Activision, ChatGPT, SysAid, and many of their millions of customers. Cybersecurity isn't just about firewalls and antivirus, it's about every single person behind the screen. Let's rewrite the script before the next click becomes a catastrophic breach.  

There were 2,116 publicly reported data compromises in the first nine months of 2023, a 17% increase over the entire 12 months of 2022. In fact, 233.9 million people were impacted in Q3 of 2023 alone. Attacks are on the rise: 76 percent of companies globally said cybersecurity was the leading priority for their company's information technology in 2023 (80.8 billion U.S. dollars spent worldwide in 2023).

Customer data needs protecting.  

What is cybersecurity?  

Cybersecurity, the practice of protecting networks, systems, and devices from digital attacks, is of the utmost importance. These attacks are aimed at accessing and changing, or deleting, sensitive information. Common examples include interrupting business processes; accessing logins for social platforms (Twitter had 200 million email addresses leaked in January of 2023); email phishing (an online e-mail scam that appears to be from a well-known source); and extorting money using ransomware (malware that encrypts files on a device and renders them unusable). 

Threats are everywhere.  

Which is exactly why your company needs to invest in the best front line of defense you can.  

So, what do we mean by “front line of defense?” 

Your employees. It’s not enough for IT to be trained and well-versed in cybersecurity, but your entire company needs to know how to spot, report, and avoid phishing and security threats. 

The people manning your IT support desks (those who mitigate risks, keep end users satisfied, and typically respond first to network or server threats) need to be well-equipped with the proper training and tools to ensure they can do their job effectively and efficiently: keep data secure. This article will explore the most important cybersecurity features service desks need to keep companies safe and secure.

Employee Cybersecurity Training

Human error causes 80% of cyberattacks 

Common human error examples that lead to cyberattacks: 

  • Accidentally clicking on an attachment to a phishing email 
  • When an end user fails to run a security patch to fix any vulnerabilities in the system
  • Weak passwords (easier to access accounts) 
  • False links and landing pages have even been found to bypass Google two-factor authentication (2FA) and let attackers steal Gmail user credentials (a huge deal, considering most people have been taught that 2FA is the most secure way to protect accounts and access)
  • Failing to implement proper access controls (two-factor authentication or role-based access controls to limit access) 
  • Lack of a cybersecurity incident response plan (what to do when a threat occurs)

Most of the examples above have one thing in common: they can be prevented with learning and development initiatives. The fact of the matter is, even though some of this has become common internet-safety knowledge (e.g., don’t open attachments from emails where you don’t recognize the sender), attackers are getting much more sophisticated and harder to detect, which requires more in-depth training for users each year. Attackers have moved on from emails to things like targeted phone calls, and even deepfake videos of CEOs (used to trick crypto customers in 2023). 

To successfully keep your IT department operating in tip-top shape, you need to conduct regular security awareness training for everyone, not just service desk staff. Employees need to be aware of potential threats, social engineering attacks, and the best practices for maintaining security. For those in the US, the Cybersecurity & Infrastructure Security Agency is a good place to start.  

PS—You don’t have to worry about building out the training materials on your own. There are plenty of reputable IT cybersecurity training companies out there (you can even adjust based on industry-specific needs, budget, and your company size) to fit your business, but you must find a solution if you want to keep the office lights on. 

How to Develop an Incident Response Plan 

Accidents happen—they’re a part of life. 

But it’s your job to make sure the accidents don’t become wildfires and spread. To combat the spread and keep the threat contained, your company needs an IRP.  An Incident Response Plan (IRP) is an official company document that outlines what to do before, during, and after a security incident or threat. The IRP clarifies roles and responsibilities, establishes a clear chain of communication, and lists key activities to be done.  

This is where your IT service desk comes in. As the front line for all technology-related issues, the service desk plays a crucial role in identifying, reporting, and containing security incidents. They're the ones who receive those first phone calls or emails about suspicious activity, and their swift action can make all the difference in minimizing damage.  

  • Identify: The IT Service Desk must be equipped to recognize potential red flags, like unusual login attempts or malware indicators, and escalate those concerns immediately to the designated incident response team. This rapid communication allows for a faster activation of your IRP, minimizing the attack's window of opportunity and helping to isolate the affected systems before the fire spreads. 
  • Respond: The service desk can also be a valuable asset during the actual incident response process. They can provide crucial user support with things like assisting employees to reset passwords, accessing locked accounts, and navigating potential disruptions caused by the incident. 

To make sure everyone’s on the same page about what to do, conduct an attack simulation exercise, also known as a tabletop exercise (TTX). During the simulation, everyone plays their current real role, unless otherwise stated by the facilitator, and follows the IRP for what to do and who to contact. Everything in the IRP should be logical and easy for employees to act on.  

Tip: IRPs should be updated and revised regularly to ensure they reflect current employees, processes, and systems. A good practice is to set a standing meeting at the start of each business quarter to review the IT IRP.  

Ensure Service Provider Security 

An excuse you can’t use in the IT industry: It wasn’t my fault.  

Because even if it wasn’t, you’re responsible for doing your due diligence on the tools you use and the people you hire. And sure, you can’t predict the future and mistakes happen, but you still need to do everything within your control to keep what you can under control. One of those things: performing security checks and assessments on any third-party service providers, vendors, or suppliers you use. Make sure your vendors adhere to good, secure cybersecurity practices and don’t introduce any added risks to your business.  

How do I make sure my service providers are secure? 

Review their security policies, controls, and certifications.  

Verify their compliance with any industry or legal requirements (GDPR, HIPAA, or PCI-DSS). 

This should be built into your vendor sourcing cycle and checklists.  

Why are vendor security certifications important? 

In addition to the plethora of reasons we’ve already covered, Chapter 8 of the General Data Protection Regulation (GDPR) says that if a data breach occurs, the data controller (you) and the data processor have responsibilities. Meaning: you are responsible for the processor’s compliance.  

Why is Data Encryption Important? 

To protect your service desk data from unauthorized access during transmission and storage, you should employ encryption in both cases. For transmission, use protocols like HTTPS and Virtual Private Networks (VPNs). For storage, encrypt the stored data with either symmetric encryption (a single secret key is used to both encrypt and decrypt the information) or asymmetric encryption (two separate keys are used for the encryption and decryption processes). 

Popular symmetric encryption examples: 

  • Advanced Encryption Standard (AES) 
  • Data Encryption Standard (DES) 
  • Twofish 

Asymmetric encryption uses a key pair: 

  • Public key – publicly available or shared with authorized recipients; used to encrypt 
  • Private key – kept secret; required to decrypt data encrypted with the public key

The Importance of Access Control and Authentication 

Just as people outside the company don’t and shouldn’t have access to company data, not everyone inside the company needs access to everything within the company. To mitigate the risk of information getting into the wrong hands, both inside and outside of the company, implement access controls. Access controls are a set of policies for restricting access to information, tools, and locations (physical and digital). A good place to start is by enforcing the principle of least privilege: granting users the minimum access rights necessary to perform their job functions, and increasing them only as needed.  

Not only do users need the ability to access the information, but they also need to confirm they are who they say they are (authentication), which is especially important with the rise of remote work. Some best practices for authentication include two-factor authentication or biometric confirmation (a thumbprint, retina scan, or Apple’s Face ID). Once authenticated, users can view only the data and programs they have been authorized to access. 

Protecting your company’s data is only growing in importance. The faster you can get ahead (that is, have the right systems and training in place), the better off you’ll be. In doing so, the service desk becomes an integral part of the success and safety of your company, especially with the yearly increase in cyberattacks. Invest in the appropriate tools and training to keep your company running smoothly. If you need assistance selecting the right tools and solutions, book a free call with EasyVista’s consultants!
