Promotional Products is a sector worth about 21 billion dollars, primarily comprised of small businesses, although there are notable large suppliers, distributors, buying groups, and service providers. Within this industry, only a few companies have a dedicated Chief Information Security Officer (CISO) or Cyber Analysts, largely because it is sales-driven. Lately, most attacks in this industry stem from malicious links in emails, with employees inadvertently clicking on them, leading to the installation of malicious code and enabling the spread of the attack. The upcoming sections delve into my insights about cyberspace and essential tools and concepts. While I may not cover everything, it’s my aim to provide sufficient information to guide our industry in the right direction.
Why are Emails a Common Attack Vector?
Our industry deals with a lot of art files, Excel sheet lists of addresses in some cases, and tracking URLs. The use of URLs to encapsulate this data is common, making it easy for someone to spoof a link to a malicious URL and download an agent into the computer. One way to mitigate this risk is through user training. There are several good products available to educate users on identifying and avoiding malicious links. Creating training materials that captivate the audience and provide necessary education can be challenging, as is curating that catalog.
The second measure to deploy is utilizing products like Mimecast and Microsoft Defender to check if the URL is malicious and auto-block such URLs. Additionally, it’s important to establish a method for users to tag an email as a phishing attempt. Having a toolkit available for users to safely check URLs in a sandbox environment is equally important.
Why are WAF’s Important?
Web Application Firewalls (WAFs) are procurable systems that check for DDoS attacks, activity from bots, and traffic from unwanted countries. They also trigger Captcha-like systems when too many requests come from specific IPs. The promotional industry, with its numerous public-facing websites, necessitates WAFs as a vital defense line in the current landscape of cyberattacks.
EDR and XDR are Necessary
Think of EDR as an antivirus system on your computer, but with more capabilities. EDR can be customized to target specific attack vectors and utilize AI to distinguish normal patterns from abnormal ones, triggering alerts accordingly. It is capable of searching for specific hashes, malicious code, and executables. Additionally, EDR can aid in isolating a host and removing it from the network remotely.
On the other hand, XDR is a comprehensive system that monitors cloud devices, endpoints, networks, and more. It operates at a macro level, while EDR focuses on a micro level. The key takeaway is the importance of fine-tuning these systems to ensure that appropriate alerts are thoroughly investigated. The sheer number of alerts can be overwhelming if the systems are not properly tuned.
PAM, SIEM, and Encryption
· PAM: Implementing a password management tool for both internal and service accounts addresses a significant challenge, and that’s precisely what PAM aims to resolve. It allows for the rotation of passwords and necessitates passwords being checked out for critical servers to access systems. This effectively eliminates the vulnerability of a single compromised admin account compromising the entire system.
· SIEM: Given the array of tools and extensive logging, a unified interface that aggregates data and presents it in the form of a dashboard is essential. This is precisely the role SIEM plays. However, it’s important to note that the installation and configuration of SIEM can be time-consuming and complex. Despite this, the effort is completely worthwhile when executed correctly.
· Encryption: Envision a system that actively monitors the network for sensitive documents and automatically encrypts these files—an ideal scenario that significantly bolsters data security by making exfiltration more challenging. Additionally, integrating a password tool into the system for decryption, based on a structured checkout process for files, enhances security. Fortunately, such systems do exist, making them a valuable addition to any toolkit, offering robust protection for critical documents.
I firmly believe that the promotional products industry could benefit from a more extensive implementation of these tools, thus advancing and fortifying our industry’s security posture.
2FA is Easy and Important
There are numerous methods to implement 2FA, and selecting one for logins on systems should be an absolute priority. Passwords can be relatively easy to guess, making 2FA crucial in such scenarios. For your executives, employing a physical key fob for logging in may become a necessary measure.
Information Exchange
Being a part of an information exchange for cyber attacks is crucial. I am a member of the RH-ISAC, and the insights I gain are invaluable, significantly bolstering our defenses against the evolving landscape of threats in the industry.
The Journey So Far
My journey in the cyber world started rather late. I dabbled in a few things after I took on the VP of IT role, but I truly began to focus on it about 6 months after assuming the position of CIO. Late last year, I began investigating the possibility of achieving SOC2 compliance for our organization. In March of this year, we experienced a cyber-attack, which we effectively mitigated. We successfully completed the SOC2 initiative in early July. This rollercoaster ride has been an incredible learning experience, contributing significantly to my personal growth. I must acknowledge and appreciate my exceptional and highly skilled team for their invaluable contribution in achieving our goals. Additionally, the unwavering support of the leadership team has been instrumental at every step. Cybersecurity is a matter of utmost importance and should be a top consideration for every executive.
Explore the magazine here: https://lnkd.in/g-9qCrrj
Explore the HTML magazine page here: https://lnkd.in/gEw29Jz5
Rishiraj Mukherjee’s article:
A Word to CIOs for Leveraging AI in Promotional Products
I am a dynamic technology executive with over ten years of experience driving digital transformations, defining organizational strategies, and modernizing processes and solutions. My expertise encompasses machine learning, ERP implementations, IT management, business Intelligence, manufacturing, and supply chain management.
In addition, my background in software development provides me with the knowledge of end-to-end application development, from concept to delivery, and proficiency in data science, core programming, building user stories, and making data-driven decisions. Recognized as a trusted advisor with resilient and empathetic communication skills, I am uniquely able to gain buy-in and align diverse corporate functions under large-scale priorities.
