Cyberattacks remain the number-one threat to organizations’ ability to keep their mission-critical operations running. Today’s post lays out five key measures your company should have in place to harden its computer systems and increase its resilience.
Wars, heat waves, and inflation may come and go, but in today’s world, one thing seems constant: cyberattacks will continue to increase in numbers and sophistication.
Chances are your organization has already been targeted by such an attack. If you’ve suffered a serious impact as a result of a cyberattack, you’re in good company. If you haven’t, you’ve been fortunate. Either way, there is no time like right now to review and beef up your cybersecurity posture.
In our experience, there are five measures every company should have in place to enable it to practice good cyber self-defense.
Most breaches occur because an employee clicks on a link to an infected file that arrives in a phishing email. Sometimes emails trick employees into visiting websites run by hackers and entering their security credentials. At most organizations, most employees are very good about not being taken in by these kinds of scams. However, almost every organization has a small group of employees who are habitual clickers; that is, people who tend to click indiscriminately on links arriving in their inboxes. Most organizations know who their habitual clickers are. At the same time, most companies tend to respond to this problem in a wishful, passive manner. They might send out reminders to the entire workforce and hope for the best. This is an inadequate response to what could be an existential threat. Companies need to identify their habitual clickers (if they haven’t already) and work with them directly, providing personalized training and incentivizing them to modify their behavior. The focus should be practical, not punitive. You might say, “You’re a high risk for causing a malicious attack in our organization because you’re having a problem distinguishing these emails. We want to help you.” If the clicking continues, the organization needs to take steps to put a stop to it. In this day and age, opening attachments from unknown senders is as dangerous as a jewelry store leaving its safe and outside doors open overnight—maybe more so, since one open door can give hackers access to the systems of an entire global organization.
Most companies do a pretty good job in this area. They have spam filtering, web filtering, and security monitoring tools. However, we do see two common vulnerabilities when it comes to security technology. One is that some organizations still rely on the manual checking of security logs. This is a mistake. Such logs should be monitored automatically, twenty-four hours a day, with alerts going out immediately in the case of anomalies, to allow staff to investigate and respond promptly. The other common vulnerability involves the use of legacy software that can no longer be patched, leaving it vulnerable to current threats. There are many understandable reasons companies hang onto legacy software, but from the security perspective it creates a significant hole—one that threat actors are actively on the lookout for.
A good security response plan is more than just a high-level sketch of what the organization will do in the event of a cyberattack. It sets out what the organization is going to do, how it will do it, how everyone will communicate, and how the different portions of the network can be segmented off in order to quickly isolate the intrusion and limit the damage. It should also integrate with the crisis management and IT/DR plans.
A serious cyberattack might require that every existing password be reset. This might protect the company, but it will also lock out all of the employees, disrupting communication and preventing people from working. To ensure the organization can take this in stride, the IT department should set up a process that allows for all passwords to be reset, including system and admin-level accounts. This process must communicate to all individuals what they are required to do.
The number-one threat to organizations’ ability to carry out their mission-critical activities is cyberattacks, which have been steadily increasing in numbers and sophistication. Fortunately, business is not helpless in the face of this threat.
By implementing the measures outlined above, your organization can take significant strides toward reducing its vulnerability to such attacks. By becoming proficient in the art of cyber self-defense, your company can enhance its resilience and better protect its stakeholders.