
3 reasons why cybersecurity demands Active Protection


Just as in a football game or a high school debate, taking home a win requires a strong game of defense. In today’s digital world, this means protecting your network. Unfortunately, many are still missing basic countermeasures when it comes to cybersecurity.

Your clients are used to paying their annual antivirus protection fees and remaining complacent towards cybersecurity. But successfully foiling cybercriminals in 2022 is not that simple. Legacy antivirus tools are no longer sufficient. Rather, companies need to improve their defense-in-depth to proactively identify and neutralize threats to their network.

To help provide this needed level of protection, Coalition’s Active Insurance monitors your clients’ network perimeters, enabling your clients to stay a step ahead of their exploitable vulnerabilities.

Today’s cyber challenges include the limitations of traditional antivirus software, firewalls and newer untested technologies that carry digital risk. Here are three network challenges with some common legacy tools and how to combat them. 

1. Traditional antivirus software no longer effectively protects networks. 

In the past, signature-based detection incorporated into antivirus software was sufficient to stop cyberattacks. But now that cybercriminals have learned to modify their malware, they can evade a business’s simple antivirus protection.

To supplement antivirus tools, organizations also need endpoint detection and response (EDR). This behavior-based software is better equipped to identify malware, thereby enabling end users to respond to threats more quickly. Whereas traditional antivirus is limited to a signature library, which requires regular updating, EDR’s behavior analysis capabilities enable it to detect suspicious activity on the endpoint (i.e., any device connected to the network, including laptops, desktops and phones) and remediate these threats.

When critically vulnerable exposed servers are identified with Coalition’s Active Insurance, your clients are quickly alerted and given recommendations for fixing the problem. Unlike traditional antivirus software, which may fail to identify an infected endpoint that has yet to be exploited, Active Insurance actively scans the cyber perimeter, effectively preventing a cyber event.

2. Firewalls alone aren’t enough

Firewalls are designed to block traffic on certain ports while allowing traffic on others into the network. Cybercriminals now use strategies such as attacking remote desktop protocol (RDP), which has clearance to pass through the firewall.

Phishing, where a user is tricked into opening an email or text message or clicking on a link on the assumption that the message came from a trusted source, is another challenge for firewalls. Once malware delivered this way enters the network, the end user may not even be aware of it.

Firewalls are only one piece of the security puzzle. It’s important to limit what is exposed past your network perimeter, because every exposed service gives adversaries more opportunity to attack the inside of your network. When the perimeter is breached, adversaries will often find unprotected assets behind it.

Consequently, the cybersecurity industry is moving toward Zero Trust solutions where nothing is allowed in unless explicitly defined. For those approved vendors allowed inside, activity is restricted.

With Active Insurance, policyholders have at their fingertips an inventory of all the internet-exposed servers and technologies on their network. When risks are identified, users are notified of their network exposures and are provided with additional remediation guidance.

We essentially inform companies of what their network looks like from an attacker’s point of view. Organizations are therefore better protected by our continuous scanning and notification of their exposures, preventing potential attacks before they strike.

3. New technologies lead to new digital risks. 

As with antivirus software and firewalls, new technologies expose new vulnerabilities all the time, and cybercriminals are aggressively working to weaponize untested technologies. Consequently, organizations need to defensively anticipate these attacks. Active Insurance helps businesses do this successfully. In addition to getting an Active Insurance policy, the following strategies are also recommended:

  • Stay up to date on zero-day attacks.

  • Implement patches for vulnerable technologies.

  • Make sure your clients’ perimeter is only exposing what’s necessary — the more one’s network is facing the Internet, the greater the vulnerability.

  • While cyberattacks are faster and more adaptive, in many cases, adversaries will still go for the easy button, i.e., the human element. This includes phishing, password guessing or brute forcing of passwords on administrative accounts, and social engineering. Make sure your insured's workforce is trained to remain vigilant in recognizing threats.

  • Enforce multi-factor authentication (otherwise known as MFA) for all email, remote access, and administrative access.

Contact Coalition for more information on reducing your clients’ cyber risk with Active Insurance.