Wayne Bridgeman II, a Senior Manager on AT&T’s Network Cybersecurity team, offers a 5-point checklist for businesses in 2022 alongside tidbits of often overlooked tactics that can strengthen security.
Wayne Bridgeman II is no stranger to the fighting ring. He fought professionally in the martial arts community for 5 years and has since transitioned to helping businesses combat the growing risk of cybercrime. Although the specifics differ, Wayne approaches his fights with the same strategic mindset. In both the ring and in cyberspace, success begins with knowing your own vulnerabilities. For the past 10 years, Wayne has specialized in Network Technology and Cybersecurity, where he has identified the needs of businesses and customized solutions to secure their networks. When asked about common misconceptions regarding cybersecurity, Wayne identified one pitfall many small business owners fall into: underestimating their potential to be victims.
“Put yourself in the shoes of a criminal and pretend you’re breaking into a car with a limited amount of time. Which is more appealing: the expensive car with the newest locks, or the late model car with rolled-down windows and a purse in the seat? Criminals often choose the option with less deterrence,” Wayne said. “One of the biggest traps small businesses fall into is thinking that they aren’t as appealing to cybercriminals because they’re smaller and have less to offer. Cybercriminals are opportunists with a keyboard, looking for low-hanging fruit. It’s not necessarily what the businesses have that’s appealing, but what they have exposed. By not keeping up to date on security and practicing ‘cyber hygiene’, businesses are making themselves easy targets.”
Wayne offered a few immediately applicable tasks for businesses of any size to get started: “Ultimately, the goal is to take your business from being an easy target to a hard target. But you don’t have to throw a bunch of money to form the basics. First, practice password hygiene. Update regularly and enable multifactor authentication. Second, utilize the principle of least privilege. Only give people access to things that they absolutely need to perform their job. Third, regularly back up data onto your network so that in the event of an outage, you are secure. All of these are steps you can take now to make yourself a harder target.”
While these steps will give business owners a head start, proper cyber hygiene may require an even deeper cleaning. Wayne continued, “Nowadays, there are many cybersecurity options out there. But not all dollars you invest in cybersecurity are created equal. There are strategies that will mitigate risk more than others, and you can waste funds by investing in the wrong places. It’s important to ask the right questions first.”
According to Wayne, here are five of the most critical questions business owners can ask themselves in 2022:
1. Are the people trained?
Oftentimes, people are the number one targets for hackers. “Human beings are inherently fallible. Finding ways to masquerade and attack through an email or phone call is the primary vehicle a hacker will utilize because it is scarily effective,” Wayne said. Hackers need an entry point into a network, and far too often it’s the untrained workers who accidentally give them the keys. “We must educate our employees and help them be aware that these things are coming to them. You can do this by investing in security awareness training. When employees are aware of potential attack strategies, it’ll be a lot harder for hackers to get in.”
2. Are the endpoints secure?
Endpoints are the physical devices that connect to networks, and the first step to securing them is to protect the entry points. “Every home has a door, and every network has a front door as well. We know them as firewalls. Firewalls allow us to securely detect threats that attempt to come into the network and lock them at that edge.” Wayne continued, “Firewalls have evolved over the years, and nowadays it’s best to utilize multiple layers of protection. One type of layer to consider is web traffic filtering. These filters protect employees that use the internet and defend them from accidentally getting phished on bad websites. You can also consider adding layers that inspect encrypted traffic. Most traffic on the internet today is encrypted and hackers use that to bypass traditional firewalls, get into the network, and cause damage.”
As technology evolves, firewalls need to stay up to date, and this takes time and expertise. One solution is to utilize managed firewalls that can automatically detect and respond to activity on endpoints.
3. Have we addressed the vulnerabilities?
“All networks have vulnerabilities,” Wayne said. “The question is how critical these vulnerabilities are and if the business has taken action to mitigate them or put in controls to prevent them from being used in an attack.” The two-part step to assess vulnerabilities is as follows:
Know what’s on your network (known as asset identification) and know what you must protect.
Know what vulnerabilities are present on those assets.
“This is a process known as vulnerability management, and businesses would be best served to practice it in a quarterly (or more) rhythm. They must understand what’s on their network, the vulnerabilities that exist, and how to patch them up. This helps minimize opportunities for hackers to exploit vulnerabilities on the network.”
4. Have we factored in edge security?
As hybrid workforces become the standard for many businesses, employees are increasingly working outside of the network. Wayne talked about the dangers this can pose. “While it can be nice to work from a coffee shop or from home, mobile employees don’t get the benefit from being behind a firewall. Mobile employees need to be protected, and the firewall needs to ‘follow’ them somehow. Layering firewalls with solutions such as secure web gateways that protect users while they’re outside of the network is one solution. This is where layering endpoint security can really come into play.”
5. What is our incident response plan?
“When it comes to cyberattacks, it’s no longer a matter of ‘if’ but ‘when’. It may sound cliché, but it’s a reality today,” Wayne warned. “The difference between recovery and failure in the event of an attack is having a plan. Businesses of all sizes must have an incident response plan that should be tested from time to time. Preparation may include partnering with a third party or instant response services if they don’t have the resources themselves so that experts can engage on their behalf in the event of a critical business-impacting cyber-attack.”
“Oftentimes, small businesses take the hardest hit. Small businesses that get attacked often go out of business because they haven’t built a plan of how they’ll respond to those events. Having a written incident response plan where owners of the business know who does what in the event of an attack, paired with access to third party experts, can be critical for recovery. Your ability to respond to an attack will be dictated by how well you plan to respond.”
When asked about the trending shift from copper to fiber and fiber’s effect on security, Wayne offered some insight. “Cybersecurity is often measured by the acronym CIA: Confidentiality, Integrity, and Availability. The fiber network moves at the speed of light and has higher availability, meaning that its uptime is better. When you can’t get to your data, your network is less secure. By having a fiber connection with higher availability, you’re hitting one part of the triad. Notice the contrast with copper, which has lower availability due to issues with degradation and the frequent need for repair. But note that copper and fiber are just the physical layers of connectivity and what you layer with your network is just as crucial.”
Ultimately, knowing the state of your network and preparing adequately is the key to protection. When it comes to successful defense, Wayne found many parallels between martial arts and cybersecurity. “In the event of an attack, I’ve learned in both the martial arts community and cybersecurity world that people revert to their training. In martial arts, we say that ‘everyone thinks they have a plan until they get punched in the face’ and it’s just as true when protecting your network. The key is to train and prepare well before the attack occurs.”