Island hopping is putting SMEs under potential cyber threats
Island hopping is a term used to describe the process of undermining a company's cyber defenses by exploiting the weaknesses of its vulnerable partner network of small businesses, in order to target larger companies.
When a company is secured with high-end cyber security tools, supported by a vigilant cyber security team, it makes it difficult for attackers to get to them. Instead of targeting the company directly, they go after other smaller companies with whom the target company has business affiliations with.
Usually, SME partners lack security tools and the expertise to deliver defense in depth, making them easier for attackers to infiltrate before using them to gain access to the target company. It is therefore critical to increase the cyber security posture of the partner network of SMEs to improve the overall cyber security posture of the target company.
Here's 5 tips on how you can minimise your chances of being a victim of island hopping:
#1 Avoid phishing scams. To get to the target company, phishing activities may be conducted on its partner network to get invaluable information to extend its reach to the target. Deploy tools to combat phishing emails and increase awareness of potential phishing activities among your staff.
#2 Ensure that cyber security tools are deployed to increase the cyber security posture of the company. No tool is fool-proof but it certainly helps to lower the risk of a cyber attack.
#3 Work with the prime target company to formulate a cyber security partner policy and strategy. The policies and procedures can help to govern and lower the risk of data breach.
#4 Restrict access to privileged group/user(s). This ensures the data is being accessed by a restricted group of users, minimising the risk of attack from various sources.
#5 Deploy multi-factor authentication for accessing sensitive information. Beyond changing password on a regular basis, multi-factor authentication is the best way to ensure security with a combination of factors.
Learn how to identify a phishing email to reduce the risk of security breaches.
Learn how you can secure your data when remote working.
Read more about how organisations and users like you, can configure and utilise video conferencing services securely.
Ensure security of video conferencing services as the usage of such solutions increases amidst the pandemic.
Learn how you can safeguard yourself from cyber security risks.