Your Digital Perimeter: Who Puts Your Enterprise at Most Risk?

Your digital perimeter constitutes a major component of your endpoint security, and overall cybersecurity, policy.

Indeed, your enterprise’s digital perimeter works to deflect cyber attacks. These attacks can take diverse but equally perilous forms:

• Ransomware, which holds files or networks hostage until the victim pays the attackers, sometimes in bitcoin.
• Cryptocurrency mining malware, which covertly penetrates your network and exploits your processing power and electrical energy for the hacker’s gain.
• Fileless malware, which exploits endpoint’s native processes to run their malicious programs without triggering legacy detection programs.
• Phishing attacks, in which hackers disguise their attacks as legitimate communications prompting users to hand over their credentials.    

Therefore, without a digital perimeter, your enterprise could suffer from any and all of these cyber attacks, from internal and external threat actors alike.

What Makes a Digital Perimeter?  

Usually, enterprises consider their digital perimeter in terms of explicit endpoint security capabilities. These include next-gen antivirus (NGAV), firewalls, intrusion detection and prevention systems (IDPS), port controls, and endpoint detection and response (EDR).

Taken as a whole, these tools monitor what programs enter and exit the network. Additionally, these capabilities detect and remove threats before they penetrate the network. In particular, EDR detects and remediates threats that do penetrate.   

However, the largest component of your digital business perimeter remains something far less technical—your employees.

After all, their online conduct interacts with the most with—and constitutes the most of—your digital traffic. If your employees follow endpoint security best practices, your digital perimeter becomes that much stronger. Unfortunately, if they fail to follow these guidelines, your cybersecurity policies become proportionally weaker.   

At the same time, your users’ activities move in and out of your IT environment so frequently it can prove difficult to monitor all of it.  

Obviously, this raises new questions and problems for enterprise IT security teams. Which employees constitute the most threat to your digital perimeter? What can your endpoint security do to supplement your employees’ efforts and your overall digital perimeter?

We answer these questions and more!

Employees and the Digital Perimeter

To find out which employees pose the most risk to your digital perimeter, we consulted research by ProofPoint. ProofPoint provides mobile device security and email security solutions.

In their “Protecting the People: A quarterly analysis of highly targeted cyber attacks” ProofPoint discovered the overwhelming majority of highly targeted attacks—67%—target “lower-level employees.” These employees include customer service representatives. Meanwhile, Contributors received 40% of such attacks, upper management suffered 27%, and C-Suite Executives 6%.     

Although these findings appear to executives a reason to relax, ProofPoint suggests the percentages correspond to the proportional number of employees at those management levels.

Additionally, ProofPoint outlined the three most targeted industries: Pharmaceutical Drug Manufacturers, Construction, and Real Estate.

What Can Enterprises Learn From This?

First of all, all the digital perimeter security and endpoint security in the world can’t protect your business if you fail to educate your users. Even the lowest members of your corporate totem pole could present an ideal target to phishing attacks. You need to provide detailed, consistent and engaging cybersecurity training so employees understand the dangers of weakening the digital perimeter.

Additionally, you need to expand your thinking of which employees require endpoint security. If you have third-parties and contributors, their devices must become part of your perimeter as well. You should require consistent and integrated endpoint security as part of your partnership agreements with these contributors.

Furthermore, your perimeter requires integration with other cybersecurity solutions. Identity is a critical part of your perimeter, and certain threats only attack through identity. Moreover, your enterprise should make sure each user only has access to the assets essential to their functions to mitigate any hackers’ damage.