MANILA, Philippines — In light of recent data breaches and cyberattacks against businesses and institutions in both the public and private sector in the Philippines, the evolving global threat landscape, and the stricter enforcement of the National Data Privacy Act, Sophos, a global leader in network and endpoint security, highlights the need for organizations to update their IT systems and practices to better protect data.
According to Julius Suarez, Sophos’ manager for engineering for the ASEAN regions, it is a must for companies to constantly beef up their security practices to keep up with the increasing number of cyber security threats.
“With the growing incidences of ransomware, distributed-denial-of-service (DDOS) attacks, and cryptomining, among others, cybercrimes today are growing in frequency, ingenuity, and financial impact. Organizations should reevaluate their security to include predictive security technology that has the capabilities to get ahead of these painful and costly exploits, integrated network and endpoint protection that has the ability to halt advanced threats and contain isolated incidents before they become widespread, as well as advanced employee education,” he said.
With the Department of Information and Communications Technology declaring June as the National ICT Month in Philippines, Sophos has shared the following best practices to help organizations secure data better.
Patch early and often
Malware does not spread through a document, but it often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more. The sooner you patch, the fewer holes that can be exploited.
Educate employees
Phishing remains an easy access route into organizations for today’s ransomware payloads and data breaches, with 41 percent of organizations seeing an attack on a daily basis. Organizations need to constantly educate their employees on the social engineering tactics attackers use to trick them into downloading malware. A service like the Phish Threat simulator automates the entire training process and provides visual analytics to identify vulnerable employees.
Upgrade firewalls
Network firewalls with traditional signature-based detection are no longer able to provide adequate visibility into application traffic due to a variety of factors such as the increasing use of encryption, browser emulation, and advanced evasion techniques. Network protection now needs to be able to exchange direct information with endpoint security in order to reveal who and what is lingering on your networks. Without such visibility, ransomware, unknown malware, data breaches and other advanced threats, as well as potentially malicious applications and rogue users can slip through the cracks and infect entire systems.
To help IT managers, Sophos is enabling them to have higher levels of network visibility through its XG Firewall solution that integrates deep learning and advanced threat protection technology to block sophisticated unknown threats like ransomware, cryptojacking, bots, worms, hacks, breaches and advanced persistent threats (APTs).
Always update endpoint protection
Traditional anti-virus solutions may no longer be enough. Cyberattacks today are becoming more sophisticated, adapting to — and eventually overcoming — traditional security defenses. To counter these, Sophos has developed Intercept X, which is equipped with deep learning capabilities to identify and block both known and unknown exploits before they can even cause any harm.
Deep learning is a branch of machine learning and artificial intelligence that leverages an artificial neural network to build a model used to make predictions with speed, scale and judgment that exceed human capabilities. The deep neural network of Intercept X is trained on hundreds of millions of samples to detect when a file is malicious, potentially unwanted, or legitimate. Deep learning is more effective than traditional machine learning approaches because of its larger scale training set, smaller model and more effective detections.
Back up, encrypt and strengthen password
There are dozens of ways other than ransomware that files can be lost, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands. Make use of password managers, which keep track of log-in details, and ensure passwords or passphrases are unique and strong.
“Combining predictive technologies, synchronized security, and employee awareness can help organizations stay ahead of today’s evolving threat landscape,” said Suarez. “These should be considered as investments not just in data security and privacy, but also in business productivity and efficiency, as well as protection from litigation and compliance issues.”
For the latest security news, visit the award-winning news website Naked Security For more on Sophos, go to Sophos News. Protect every Mac and PC in your home with the next generation of centrally managed cybersecurity software, Sophos Home. Connect with Sophos where you are: Twitter, LinkedIn, Facebook, Spiceworks, YouTube, Google+