Cybercriminals are increasingly targeting the recruitment sector because of the rich data it holds. Employees and contractors also have access to the same data. Cyber attacks and data loss are on the rise. Thankfully there are technical solutions.
Our recent survey showed that IT leaders in recruitment are keen to fix their cybersecurity and cyber training problems as soon as possible. When asked, “Which IT/Tech problems would you like to solve this month?” subjects related to data theft ranked highest (see chart).
These subjects are enormous, and we could write a book about the subject. But let’s break it down to 3 solutions that could be actioned within 30 days (plus two bonus tips).
Training staff on cybersecurity
Training scored 26% on our survey and was the 2nd most significant challenge. It’s widely acknowledged that humans are often the weakest link in an organisation’s cybersecurity posture.
Cyber training for employees needs to be done regularly, not just at the staff induction and then forgotten.
It should raise awareness of potential security threats, such as phishing scams, malware, and social engineering attacks. Best practices to prevent data theft include strong password policies, multi-factor authentication, and data encryption.
Clicking on phishing emails is probably the most common human error. Many training programmes will help your staff to spot phishing emails. However, you must select the right one. Key questions to ask:
- Where are they ranked on Forrester Wave™ Security Awareness & Training Solutions?
- Do they offer real phishing simulations that teach users to spot phishing scams?
- How frequently do they update or add new features? Every month, every quarter?
- Are they aware of new phishing scams that use technology such as ChatGPT?
- What do they have a variety of content in their training toolbox; videos, slides, quizzes?
ChatGPT is a potential new threat as cybercriminals can use it to create more natural language conversations to fool employees. Read our blog article on Medium.com titled ‘ChatGPT is aiding phishing attacks. Here’s how…‘
Extended Detection & Response
The primary goal of XDR is to provide a more comprehensive and holistic view of your security posture. It collects and analyses data from various sources, such as network traffic, endpoint logs, application logs, and cloud resources. By integrating data from multiple sources, XDR can identify patterns of malicious behaviour that may not be evident when analysing a single security product.
XDR platforms use advanced analytics and machine learning algorithms to analyse the collected data and identify potential security threats. This approach enables XDR to detect complex and evolving threats that traditional security tools might miss. Advanced persistent threats (APTs), zero-day attacks, and malware that uses sophisticated evasion techniques can be difficult to detect without XDR.
Once XDR detects a potential threat, it can automatically orchestrate a response, including blocking or quarantining the affected endpoint or network segment, alerting security teams, and collecting additional data for analysis. XDR can also provide security teams with context and insights to help them investigate and respond to threats more efficiently.
In summary, XDR is an emerging cybersecurity approach that aims to provide a more comprehensive and proactive security posture by integrating and analysing data from multiple sources to detect and respond to advanced cyber threats.
Microsoft 365 Defender
Not all threats are from outside the recruitment agency, insider threats can be just as damaging. Employees mistakenly or wilfully downloading CVs, passports, driving licences, and other sensitive information can lead to ICO* investigation and reputational damage.
A solution is Microsoft Defender for Cloud Apps (previously known as MCAS), which is part of Microsoft 365 Defender. Many companies already have the licence but have not activated it, so it seems sensible to spend a couple of days setting it up.
What is it? It’s a security solution that helps you gain visibility and control over your cloud-based applications and data. Defender can detect and prevent data theft incidents in real-time, even when the data is accessed from outside your agency’s network.
Recruitment agencies can use it to prevent data loss by taking the following steps:
Implementing Data Loss Prevention (DLP) policies: Defender allows recruitment agencies to create and enforce DLP policies that help prevent data loss by detecting and blocking sensitive data before it can be exfiltrated.
Monitoring cloud applications: It also provides visibility into cloud applications used by your organisation, enabling you to monitor employee activity and identify potential data loss incidents.
Enforcing access control: Recruitment agencies can enforce access control policies that limit access to sensitive data based on user roles and permissions, helping to prevent accidental or intentional data loss.
Detecting and responding to anomalies: Defender uses advanced analytics and machine learning to detect anomalies and potential threats, enabling recruitment agencies to react quickly and prevent data loss.
By using Microsoft 365 Defender, you can take a proactive approach to prevent data loss, protect your sensitive data and maintain compliance with regulations or standards.
Two bonus tips
Prevention is better than cure. Here are two things we recommend you start today…
Data Classification: Classify your sensitive data to identify the most critical data assets and apply additional security measures to protect them. This will help your agency focus its security efforts and reduce the risk of data theft incidents.
Incident Response Plan: Create an incident response plan to respond quickly and effectively to data theft. The plan should include procedures for detecting and reporting data theft and steps to contain and recover from the incident.
In conclusion, IT managers in recruitment agencies must take proactive measures to prevent data theft, which can have severe consequences for the company and its reputation. They should provide regular cyber training on phishing emails, implement an email filtering system, and use modern cybersecurity tools such as XDR and Microsoft 365 Defender to detect and respond to external and internal threats in real time.
If you need any help to protect your valuable data from theft, then book a call with one of our consultants.
* ICO = Information Commissioner’s Office
