Virima V6.0 will soon be available with an all-new look, enhanced discovery, mapping and vulnerability features and more. Stay tuned!

IT Security: Protecting Your Organization From Cyber Attacks

IT security protects computer systems, networks and data from attack or damage

Cyber threats are in the news nearly constantly, and are (or should be) top of mind for executives at every size and type of company. The Global Risks Report 2018, produced by the World Economic Forum, ranks cyber attacks as the third most pressing threat worldwide. Here are some specific concerns regarding IT security, and how you can address them more effectively.

Common Cyber Threats: Phishing, Botnets, and Bad Passwords

Phishing

This is the most prevalent type of what’s called “social engineering,” which is basically convincing authorized users to do something they shouldn’t. Phishing involves the sending of legitimate-appearing emails that induce readers to click on a link that takes them to a malicious web site or installs malware on their computers.

The culprits execute phishing campaigns for two reasons: they’re easy, and they work. The Executive Summary of the 2018 Verizon Data Breach Investigation Report says, “on average, 4% of the targets in any given phishing campaign will click it. And incredibly, the more phishing emails someone has clicked, the more likely they are to do so again.”

Once a phishing campaign visits your network, time is not on your ally , Verizon adds. “You have 16 minutes until the first click on a phishing campaign. The first report from a savvy user will arrive after 28 minutes.” 

And phishing campaigns are getting more sophisticated, evolving into “whaling,” which targets C-level executives, and “spear phishing,” campaigns that target specific individuals or organizations to steal sensitive information or install malware.

Botnets

A botnet is a network of enslaved computers or other connected devices, created to steal data, send phishing emails, propagate malware, or compromise other networks. A hacker recently created a botnet of 18,000 routers in under 24 hours. 

Initially designed to attack connected computers, botnets now also go after Internet of Things (IoT) devices, which are often easy to find, easy to attack, and poorly managed or secured.

Bad Passwords

As The Washington Post reported in August, “A security audit of the Western Australian government released by the state’s auditor general this week found that 26 percent of its officials had weak, common passwords – including more than 5,000 including the word “password” out of 234,000 in 17 government agencies.” 

“Almost 13,000 used variations of the date and season, and almost 7,000 included versions of ‘123.’” 

“In one case, the auditors were able to access an agency’s network – with full system administrator privileges – by guessing the password: ‘Summer123.’”

These sad facts are not unique to Australia or its regional governments. Every year, cyber security vendor SplashData publishes a list of the most popular passwords that have been stolen and made public. The two most popular for the past few years – “123456” and “password.”

Cyber Threats: Building IT Defenses

Fortunately, a common set of steps can increase your defenses against these and multiple other cyber threats. 

The first of those steps is to discover and map your IT environment, including all hardware and software assets and the relationships that link these to each other, their users, and their tasks. You also need to be able to keep that information accurate, complete, and up to date.

Comprehensive IT Discovery provides a firm foundation for the next step toward better cyber security: effective IT Asset Management (ITAM). With this step, you can impose policies that govern access to and behavior of your critical IT resources. For example, you can require regular scans of those assets to ensure all current patches and updates have been installed.

Once you’ve got discovery and ITAM locked in, you can take a third significant step toward better cyber security: IT Service Management (ITSM). Effective ITSM lets you manage IT incidents, problems, changes, and resource requests centrally and consistently. With effective ITSM, you can also implement and extend automation that performs critical tasks consistently.

Virima: Your IT Security Partner

Virima offers economical, modular, integrated, effective solutions for all three steps toward better cyber security. IT Discovery, ITAM, and ITSM tools from Virima can help you find, map, and manage your IT resources, and deliver the services your users and business require. 

They can also help your business identify vulnerabilities and respond to threats more quickly, effectively, and consistently.

Virima features can automatically discover and map your critical IT resources and the interconnections that link them to one another, your applications and services, and your users.

Virima is here to help. To get started, contact us today to schedule a demo and explore the possibilities!

Subscribe to Our Newsletter

More to Explore

Table of contentsWhat is CMDB, and why is it important for your cloud initiatives?CMDBs and change managementCMDBs and incident managementCMDBs and problem managementCompliance reporting made easy with CMDBsImpact analysis with CMDBs and cloud assetsMake better, fact-based decisions with Virima for…

Table of contentsHow does asset discovery work?What types of IT assets can you discover?NetworksServersPCs, laptops, and mobile devicesBenefits of IT asset discoveryLess time spent on cataloging IT assetsBetter and detailed IT reportsStreamlined IT asset acquisitionEnsuring compliance with security policies A single…

Table of contentsWhy stakeholder communications are importantHow to prepare for incident communicationIncident management best practicesCommunication plan High-quality major incident management communication plan Using visualizations in stakeholder communicationsIncident mitigation with visualizations Virima can help you with incident management Incidents are a part of business,…

Table of contentsAsset managementTracking and labeling assets’ locations and states through an asset register Tracking and managing software licenses Managing end-user devicesKeeping tabs and handling decommissioned assetsConfiguration managementIdentifying configuration items in the CMS Controlling  and managing all changes made to assets Understanding impact on…

Some people think that an IT service desk is the same thing as an IT help desk. It isn’t and we’re  going to explain the difference between service desk and help desk. Sure, there are some similarities, but there are…

Table of contentsA CMDB tool can maintain all other tools What is CMDB in ServiceNow?What are ServiceNow CMDB best practices?A few ServiceNow CMDB best practices include:Defining your goalsForming a configuration management teamEstablishing a governance structureUnderstanding configuration item designIntegrating with key business…

Table of contentsStep 1. Determine business objectivesStep 2. CMDB discovery toolsStep 3. ITSM system integrationStep 4. Equip data owners/data stewards with the right toolsStep 5. Data management and retention planStep 6. CMDB: data visualizationLearn more about these steps by watching…

Incident management is crucial while dealing with major incidents. They are the crises that have widespread impacts on your employees, disrupt your operations, and impact your ability to deliver on customer expectations.  While you may assume your company is prepared…

Table of contentsUnderstanding business service mappingA modern approach to business service dependency mappingDiscovery planning processUse casesVirima simplifies service mapping and IT discovery Business service mapping is the area of configuration management that perplexes so many IT professionals. Yet, it provides…

Understanding the Configuration Management Database (CMDB) and its core functions is a critical aspect of service management. The CMDB forms the hub of numerous service management practices and provides a means of correlation needed to deliver business services successfully.   The…

The Configuration Management Database (CMDB) contains information about the enterprise's logical and physical assets. Modern service management platforms provide core functionality referenced by all service management practices, including business-facing rules. As a result of its core functionality, the role of…

A previous post discussed “The problems with your problem management” and some of the obstacles standing between your organization and true, proactive problem management. This post delves deeper into some of those obstacles and offers recommendations to help you address…

IT asset management (ITAM) and inventory management are both useful practices that can benefit any organization using IT. Inventory management can exist without IT asset management, and in fact, it does in many organizations as it has been in existence…