Here's a reality check for any organization: cyber attacks are here to stay. Phishing, social engineering, and ransomware attacks are now a clear and present danger to every organization.
Cybercrime is now a multimillion-dollar business, and new attacks happen every day. These attacks can be anything from simple ransomware attacks to complicated schemes to steal money over the internet.
During the pandemic, corporate networks were extended into end users' homes, which made this industry even stronger. As a result, organizations are starting to add more money to their budgets to cover cyber resilience, both in people and in services like cyber insurance and other digital tools for intrusion detection and advanced threat prevention.
Subtle Cyber Defense
Many things can affect the success of a strong cyber resilience program. I have listed four things that I think are easy wins for any business if they are done right:
Culture of the Company
Without a doubt, everyone in an organization should do what they can to make sure the security of corporate assets is at the top of every task. Traditionally, non-IT employees would leave this up to the IT teams. However, this practice has failed many businesses because technology leaders are starting to see that traditional IT teams lack the skills and experience to deal with some of the more complex attacks that are common today. Cybersecurity has become a more important field, and IT managers now need to invest in either training their staff to do a better job or, as is recommended, hiring cybersecurity professionals with more experience.
In addition to putting together the right IT teams, it is now everyone's job to keep the company safe. Staff should be trained to recognize the different ways their accounts or identities can be stolen, allowing bad people to get in. Simple steps include turning on multi-factor authentication on both work and personal devices, using password managers to avoid texting or writing down passwords, and zipping and locking confidential documents with strong passwords before emailing them. All these things and more are low-hanging fruit that can help improve how businesses work together to protect the environment.
I've already talked about password managers and MFA apps. These, along with next-generation firewalls and other similar tools, should now be standard for every business. Aside from that, IT admins can use various monitoring tools to stay at least one step ahead of criminals. One such tool, used for advanced threat protection, is available with an M365 Business Premium subscription. This is especially useful for small and medium-sized businesses (SMBs) that might not have a big enough IT budget to set up a strong SIEM solution. For bigger companies, there are tools like Azure Sentinel, Splunk, Sumo Logic, and so on.
Many more companies are now using BYOD because of hybrid working. This means that IT administrators need to think about endpoint management (Endpoint Manager, previously Intune, is one such tool).
Last but not least, Validated Access is the third important pillar. This means, at its core, putting in place clear policies and procedures for how both internal and external parties can access and authenticate to sites and digital assets. For physical sites, there should be ways to get in. Companies should use VPN access to connect from outside the office, etc.
A monthly review of the activity of new employees and those who leave is an excellent way to ensure that access is blocked or given the right way. You should also look at your admin user accounts and ensure that only a small group of people who need to access essential systems can use them.
Another suggestion for admin/privileged accounts is to switch to named accounts instead of a single account that multiple people can use. That way, you can track who gets into what and what they do.
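The monthly joiner/leaver review and the named-admin-account check described above can be scripted against two exports. The following is an added example, not part of the original article; the CSV column names, the sample rows, and the approved-admin set are constructed assumptions.

```python
import csv
import io

# Constructed sample data: an HR roster export and a directory account export.
HR_CSV = """email,status
alice@example.com,active
bob@example.com,left
carol@example.com,active
"""
ACCOUNTS_CSV = """account,owner,enabled,is_admin
alice,alice@example.com,true,false
bob,bob@example.com,true,false
adm-carol,carol@example.com,true,true
adm-alice,alice@example.com,true,true
administrator,,true,true
old-bob-adm,bob@example.com,false,true
"""
# Assumption: the small group approved to hold privileged access.
APPROVED_ADMINS = {"carol@example.com"}


def load(text):
    """Parse a CSV export into a list of row dictionaries."""
    return list(csv.DictReader(io.StringIO(text)))


def review_access(hr_rows, account_rows, approved_admins):
    """Return sorted (account, finding) pairs for the monthly access review."""
    status = {r["email"].lower(): r["status"] for r in hr_rows}
    findings = []
    for acct in account_rows:
        if acct["enabled"].lower() != "true":
            continue  # disabled accounts cannot be used to sign in
        owner = acct["owner"].strip().lower()
        is_admin = acct["is_admin"].lower() == "true"
        if not owner or owner not in status:
            # No single named person is accountable for this account.
            kind = "shared or unowned admin account" if is_admin else "account with no known owner"
            findings.append((acct["account"], kind))
            continue
        if status[owner] != "active":
            findings.append((acct["account"], "leaver still enabled"))
        elif is_admin and owner not in approved_admins:
            findings.append((acct["account"], "admin outside approved group"))
    return sorted(findings)


if __name__ == "__main__":
    for account, finding in review_access(load(HR_CSV), load(ACCOUNTS_CSV), APPROVED_ADMINS):
        print(f"{account}: {finding}")
```
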
Proactive Application Patching
In the last few weeks, my team and I have helped many clients recover from cyberattacks that took advantage of weaknesses in Microsoft Exchange. We found that Exchange was vulnerable in every case because there wasn’t a good patching program.
Technology leaders need to ensure that applications in their environments are updated regularly with the latest patches so that you don’t accidentally open a hole in your security. You might also want to look at third-party apps installed on end-user devices. A user might have installed portable versions of apps that your endpoint management solution might not be able to find.
Ultimately, how safe your environment is depends on how much time you spend making sure that security comes first in everything you do. Your business is only as secure as its weakest link, and cybercriminals are constantly creating new tools and finding new ways to find those weak links, whether in software or because of mistakes people make.
The things above are just the tip of the iceberg when it comes to making a good cybersecurity plan for your business. Every organization has its own needs and ways of doing things that must be evaluated to ensure they are in line with the basic rules of a safe and secure environment.