Your CMS connects you with your readers, your employees and your partners. It’s the drumbeat of your organization. A compromised CMS, however, is a highly sought-after target for cyber criminals—and potentially a significant area of vulnerability for your business.
Digital transformation efforts have been underway for decades, but over the last several years, businesses had to expedite their digitization journeys as they shifted from survival mode at the beginning of the pandemic to new remote and hybrid ways of working. This hybrid mode of communication and access continues today.
McKinsey called this expedition the “The Quickening”—where some businesses took a years-long roadmap and reduced execution to a few months in order to navigate the pandemic effectively. While this record-breaking agility in developing and implementing new technologies in the face of a fast-changing digital landscape should be celebrated, it also has been met with new challenges, including the rise in frequency and sophistication of cyberattacks.
From 2013 to 2022 there was an 800% increase in the number of DDoS attacks worldwide. One study says that Q1 2023 saw 47% more attacks than the same time period a year prior. Fast forward to today, hardly a week goes by without some new story reporting that tens of thousands of WordPress sites have been exposed to security vulnerabilities through a plugin breach or sites running outdated versions of Drupal have fallen prey to hackers coming in through the backdoor.
In short, organizations need to start planning for when they’ll be attacked, not if—and a key part of that planning process is to ensure they’re in lock-step within their own organization and with their partners and providers who play an important role in ensuring the security, safety and privacy of a business and its data.
Your CMS is the heart of an important relationship—with your readers, your employees and your partners. A compromised CMS, however, is a gold mine for cyber criminals and a source of risk for your business.
What does this mean for content management systems, specifically?
Digital transformation used to focus solely on products, applications and solutions, but organizations have been forced to evolve how they communicate as well—internally, with partners and vendors, and with customers.
Having the right content management system is a crucial component in ensuring the right messages are shared at the right time and place. It’s at the center of your operations and is the heart of the relationship that you have with your employees (via an intranet) and your readers and viewers if you’re publishing news articles or other content. Your CMS represents your brand and is the vehicle you’re using to communicate with your intended audience.
Because CMSs are an important piece in every organization’s tech stack and because of their potential reach with various large and engaged audiences, they’re also potential targets for attacks.
Organizations with a media presence or those who deliver digital content across multiple channels are especially hot targets, as the implications and fallout of the attack can spread quickly—they’re not just compromising a single website, but potentially a platform hosting millions of users.
According to TechNative, a CMS breach can threaten business continuity and bring even the largest corporations to their knees within hours, so building a strong and reliable underlying infrastructure on which to host your CMS has never been more important.
We know that businesses have multiple systems, channels and processes in play as they try to digitally transform, and that adding one more challenge to those efforts can feel daunting. So, let’s walk through some key considerations and security best practices together, so that you feel confident in your approach and can adjust as needed to ensure ultimate security for your organization.
Nearly 80% of senior IT and IT security leaders believe their organizations lack sufficient protection against cyberattacks. This is despite increased IT security investments made in 2020 to deal with distributed IT and work-from-home challenges, according to an IDG Research Services survey commissioned by Insight Enterprises.
What are the different types of cyberattacks?
First, it’s important to be aware of the most common types of cyberattacks.
“Ransomware,” “phishing” and “malware” are part of our everyday vernacular now. These are a few popular types of cyberattacks, but the approaches cyber criminals deploy are evolving as businesses continue to expand and use different platforms and channels of communicating.
This isn’t only a concern over weak passwords; there’s simply more opportunity for cyber criminals to attack.
The 3 most common types of attacks:
Denial of service: Prevents you from providing your service to clients or customers
Defacement or corruption: Changes the appearance of your online properties and can be more difficult to identify quickly
Data exfiltration: When the attacker takes and uses your data against you or negatively towards your clients or customers
What your organization can do to avoid an attack: Security hygiene + assessment checklist
There are a few simple steps to take to ensure your CMS can and does comply with your company’s security best practices. The critical component here, however, is that everyone needs to abide by them.
Password complexity: Ensure that your CMS is in compliance with your company’s policies and guidelines regarding password length, complexity and expiration.
Multi-factor authentication: Apply two-factor authentication for all access points to your CMS to create an additional firewall in the case of password infiltration among existing CMS users.
Integration with central identity management: Regularly maintain and monitor all users who have access to your CMS and audit levels of access and permissions via a centralized identity management database.
Integration with your security tools: Maintain your CMS security as you would any other software application, ensuring frequent backups of data, upgrading to the latest versions, and monitoring your systems for unusual activities and usage patterns.
Even before an actual attack or assessment of a potential threat, it’s important to follow these five steps to ensure the security of your CMS as a matter of routine protection.
Assessment checklist
-
Review your CMS users and eliminate unnecessary ones. Likewise, review all the roles and permissions for users of your CMS throughout your organization.
-
Regularly monitor your websites and microsites to identify potential defacement.
-
Regularly review all of your publishing changes made within the CMS to ensure they’re legitimate and expected.
-
Establish a specific method for your employees to report issues they believe are suspicious; create a streamlined communication process for this.
-
Have your security incident processes documented; this allows you to conduct a postmortem with your organization and vendors that helped you navigate the attack.
Finally, keep your organization trained and aware of what the cyber threats are today and hold regular training sessions to discuss what to watch for so they understand how these threats are evolving.
This includes making sure everybody knows how to report something if (or more realistically, when) they see something suspicious.
What you and your tech partners can do to avoid an attack: Defense-in-depth approach
“Defense in depth” is a time-tested strategy that ensures you don’t have a single point of failure in your infrastructure by deploying distinct protocols at various layers.
The more customization you can do within the platform to meet your organization’s security protocols, the better. And the right partner will have the tools and technology to integrate with and abide by your rules at different layers and levels.
It’s key to partner with those that have their eye on multi-layered security to help protect against threats—and ensure they understand and agree to your approach to security as well. Asking key questions that drill down into their approach is an essential step here.
Vendor Due Diligence: Security Questions for Your Partner
Layer 1
- Do you have a security program handbook or guide?
- How do you respond when a customer reports a security vulnerability?
- What’s your process during and after an attack?
- What are you doing from a prevention standpoint?
Layer 2
- What are you doing from a security standpoint at the code level?
- What operational security components are included in your platform’s architecture?
Layer 3
- Are you partnering with major cloud providers? What services are included through them?
- What do your partners leverage in terms of security architecture and code? Do they have a due diligence process you’re familiar with?
Then, it’s important to make sure the best practices and approach that you’ve agreed to within your organization—and with your partners—is manageable.
Oftentimes, businesses tend to make it too hard or prohibitive for their workforce to follow along and abide by security protocols and policies.
For example, if you write a policy or a practice in a vacuum and put together a workflow to support it, and if that process is too difficult for people to manage in their day-to-day, they will go around it or find a shortcut.
When people start going around your policies, you start losing the ability to manage them, and you start introducing additional risk in your system. It’s always important to not just make sure that you’re checking all the security boxes, but also watching the behavior of people who are using those processes, tools and systems.
If you find they’re creating alternate paths around certain controls—fix the control to make it more friendly and attainable so everyone can more easily stay in compliance.
In conclusion: Stay ahead of the threat with a content platform you can trust
Organizations can and must be proactive in the face of a cyberattack. They also must be prepared well before a disruptive and potentially devastating incident occurs.
To assist, modern CMSs like Brightspot ensure elasticity within your operations and allow you to be nimble and act swiftly during turbulent times, all backed by the support of Brightspot experts.
That’s why we have strong security defenses baked into our solutions as well as a dedicated support team available to provide guidance today—and in times of crisis.Don’t wait for cyber threats to strike. Set up a demo today and discover how Brightspot can fortify your digital resilience. If you know a developer who might be interested in trying out Brightspot, we can facilitate their trial request here.