The numerous high-profile data breaches that took place in 2018 illustrate that no organization, irrespective of size, scale or scope is immune from cyberattacks. 2018 witnessed a 350% increase in ransomware attacks, and a 70% increase in spear-phishing attacks.
We are looking at a state-of-affairs wherein it is very easy for cybercriminals to exploit security vulnerabilities and target weaknesses with malware or ransomware. The worrisome fact is that malware-as-a-service is a reality.
The time to initiate sustained and concrete efforts to protect mission-critical network and data is now. It is imperative to think beyond conventional security and deploy strategies that enable real-time intelligence to expose hidden risks, detect unknown threats and isolate infected systems.
Here are ten cybersecurity best practices that can help guard against the sophisticated threats that your IT infrastructure faces today. While there is no silver bullet for cybersecurity, adopting these practices will ensure better preparedness to address advanced threats and allow prompt remedial action.
The first item that must be ticked off the list is identifying potential vulnerabilities in your network. Vulnerability assessment helps identify every device on the network and lets you assign a risk value to each. Devices may include printers, USB thumb drives, security cameras, smartphones, laptops, desktops, wireless access points, etc. As the number of potentially exploitable devices on your network keeps growing, conducting vulnerability assessment should be an ongoing process.
All businesses are different and face diverse cyber risks. The complexity of threats demands identifying the primary and secondary cyber-attacks and acceptable levels of risk. Your threshold to the pain that is a result of your risk baseline governs your investment in cybersecurity. It is critical to understand the risks in the form of financial losses, reputational damage or more. List risks in order of importance and work out a plan to address them.
When you plan to overhaul your cybersecurity infrastructure, it’s important to keep the weakest link in mind – the people in your organization. Yes, invest in the right technology that takes your network and endpoint security to the next level, but make sure your organization’s workforce is aware of the cyber threats they face and how they must address these threats. Conduct security awareness training programs that establish a culture of cybersecurity awareness.
Equifax suffered a massive data breach (approximately 143 million compromised records) reportedly because of a vulnerability in its open source server framework. The patch for this vulnerability was available but the companyapparently did not apply it. This explains the importance of implementing a patch management strategy. Don’t be slow to applying patches when available; and it will be a good idea to usepatch management tools that can simplify and seamlessly manage the whole process for you.
When it comes to cyberattacks, it is not about if they will happen, but when they will happen. Prevention is definitely better than cure, but if your organization does experience an attack, it is important to understand how it happened, how it unfolded, and the vulnerabilities it was able to exploit. Root Cause Analysis (RCA) helps you find the cause and plug key vulnerabilities.
What if an attacker manages to fly under the radar and your resource-constrained IT team fails to identify a data breach in progress? Such disastrous consequences can be avoided if the threat gets identified proactively. The use of Machine Learning now allows deploying automated protection that proactively detects threats and takes real-time remedial action without manual intervention.
Deploying the best available cybersecurity solution alone isn’t enough. You need to be able to optimize its use. Before you deploy the solution, make sure you are fully aware of the feature set and how you can use these features to harden cybersecurity controls.
How do you go about responding to a cybersecurity incident? The answer lies in a comprehensive incident response plan. Remember, data breach costs go much beyond the regulatory fines and the ransom paid to cyber baddies. An effective response plan is necessary in limiting the damage, and immediately taking a series of actions that prevent the spread of risk.
Make sure that your organization emphasizes the importance of a secure organization to all stakeholders and makes all of them responsible for upholding security best practices. Cybersecurity is not just the responsibility of the CISO or the IT security department. It must be ingrained into all the processes that make up the organization.
As a business you work with third parties and vendors who have access to company data; not all of it, but data that is essential to their working relationship with you. How are these parties managing their cybersecurity policies? Do they have the necessary controls in place to ensure your company data is protected at all times? Make sure you have a policy in place that ensures your partners are evaluated regularly from the information security perspective.
Best practices are as good or bad as the seriousness with which you deploy them. In a world where cybersecurity is extremely critical for your organization’s success, give it the importance it deserves.
Michelle Drolet is founder of Towerwall, a woman-owned cybersecurity and cannabis compliance services provider in Framingham, Mass., with clients such as CannaCare, Smith & Wesson, Covenant Healthcare and many mid-size organizations. She can be reached at [email protected].
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
Notify me of follow-up comments by email.
Notify me of new posts by email.
Now that a growing body of evidence says marijuana is bad for you, more regulation is in the offing. When Gallup asked about legalizing weed last year, two-thirds of Americans supported it…
Improving Your Post-Harvest Remediation Strategy is The Best Way to Ensure Product Passes Microbial Testing Dangers of Microbial Growth: Cannabis operations of all sizes risk exposure to biological contaminants, like…
By Jack Scranton, Attorney at Harris Bricken On February 2, 2023, the Washington State Liquor and Cannabis Board (“LCB”) released an update regarding the interactive mapping tool for determining whether…
THE German Government’s refreshingly honest approach to drugs and addiction is being demonstrated with a focus on the harms of gambling, alcohol and tobacco. On coming into office it signalled its intent…