February 21, 2020
2020 Top 9 Most Ignored Security Controls
Security blind spots can cause companies to ignore needed security controls. Blind spots can be caused by not adapting to a changing environment, focusing too much on old “prevention” solutions, or by overlooking the obvious because of our prior biases.
A security risk assessment and gap analysis helps us define a prioritized list of security controls that are important to your business, but far too many companies ignore these results.
By looking at the 2020 security threat factors below, we can see the new areas of security that we are likely to need in 2020 and beyond.
Security Threat Factors Driving 2020 Security Solutions
Here is a short list of 2020 factors that companies should be factoring into their security planning. The implications of these factors lead to changes in 2020 and beyond security control requirements.
- 34% of security breaches coming from internal company sources
- Attacks may be unintentional, but the results are still a breach
- Attacks originate or are enabled by hackers, partners, and employees
- Necessitating the need to monitor both internal and external traffic
- Migration of private data centers to public and hybrid clouds
- You need to protect data in new cloud & hybrid data centers
- Company applications are all moving to the cloud
- How will you protect access, usage and the data itself?
- Small companies are attacked over 40% of the time
- Small companies need risk assessment-based security strategies
- Small companies need budget driven but complete security
- Zero-day attacks and ransomware can destroy your data or disrupt your company’s operations
- The need to recover completely and fast is high
- Hacking, social attacks, phishing, CEO fraud and advanced malware can lead to stolen login credentials
- Once stolen, your other security might have little value
- Therefore, the need to protecting credentials is high
- Everything is moving to wireless
- Phones, laptops, IoTs, even desktops are moving your corporate data onto your wireless networks
- Wireless attacks will become even more frequent
Companies Often do not Open their Eyes to All Real Threats
Here are where frequent security blind spots occur.
- Ignoring emerging threats
- like IoT, 5G, Growth in WiFi & new standards, AI
- Making an assumption that 3rd parties are securing your data
- and not just their cloud infrastructure
- Ignoring new threats created by changing technology
- like WiFi, 5G, Mobile, IoT etc
- Ignoring new threats created by new architectures or implementation models
- like the cloud & hybrid data centers
- Ignoring the obvious
- like training employees to counteract the high level of internal threats
- Not implementing newer current generation solutions
- Staying up with the attackers
And the Results… Top 9 Most Ignored Security Controls
The most ignored cyber security controls in 2020 are listed below.
- SAT (Security Awareness Training)
- Employees are a weak spot that require training
- MFA (Multi-factor Authentication)
- MFA can prevent credentials from being stolen. Without MFA, all your other security may be moot
- Security Monitoring, Detection, Response
- SIEM, EDR, MDR & Network Monitoring
- Cloud Application Security
- Visibility, Control, Security of Cloud App. Data
- Cloud Data Center Security
- Securing Public Cloud/Hybrid Cloud
- Advanced Email Security
- to Prevent Phishing, Malicious Links, CEO Fraud, Ransomware
- Backup & Disaster Recovery
- Onsite/Offsite, Instant Recovery
- Wireless Device Security
- Advance WiFi Solutions for the office to prevent WiFi network breaches
- Data Protection
-  Access Control,  Data Loss Protection,  Encryption
The obvious conclusion is to review the 2020 security factors and make sure that you are not ignoring security controls that are necessary for your business. It is time to remove your blind spots.
Contact us – Let us help you with you blind spots and to define and implement your most ignored security controls