Cyber security threats and attacks aren’t going away any time soon, so if you haven’t taken action to beef up your cyber security strategy, now is the time. Although you may have basic strategies in place (e.g., anti-virus software, firewalls), cyber criminals continually develop new ways to crack through these protections. To keep your business and customers safe, you need to continually evolve your strategies and ensure cyber security is a priority.
Still not convinced? According to a recent study, ransomware attacks more than doubled from 13% in 2016 to 27% in 2017, and virtually all sampled companies experienced attacks related to viruses, worms, and/or trojans.
Additionally, a study conducted by CyberSecurity Ventures showed that by the end of 2019, ransomware is expected to attack a business every 14 seconds and exceed $11.5 billion globally in damages. These costs include lost productivity, post-attack disruption to the normal course of business, forensic investigation, and damage (or loss) of data just to name a few.
What you can do TODAY
Cyber security is much like the tumultuous relationship between the Road Runner and Wile E. Coyote. The Road Runner (your business) is always racing to stay ahead of Wile E. Coyote (a cyber criminal) who strategically uses ACME-brand booby traps (e.g., malware, phishing, trojans) to catch his prey. However, in the case of cyber security, the Coyote is not dimwitted and clumsy; he’s strategic, patient, and often victorious.
So, what can you do today to avoid the myriad of traps that lay ahead of you in the road?
#1: Train Your Users
Your staff accounts for the largest attack surface in your organization, so it is extremely important to train them on their role in preventing and containing incidents. They are the “human firewall” in your organization, and training them is an easy way to quickly boost your security posture.
#2: Invest in Your Perimeter
Attackers search for vulnerable default settings and electronic holes in firewalls, routers, and switches to penetrate defenses. They exploit flaws in these devices to gain access to networks, redirect traffic on a network, and intercept information while in transmission. Ensure your external-facing hardware is configured to best practices and is running the latest patches and firmware. And, if any of these devices in your network are more than 3-5 years old, or not covered under current manufacturer support, it may be time to replace them.
#3: Back Up Your Data
Although it’s not directly related to actively protecting your environment, a robust backup solution ensures you can return to work faster in the event of a cyber infection. Establishing multiple restore points (both on- and off-site) and retaining backups for 14 or more days helps prevent the risk of significant data loss if an attack like WannaCry is successful in your environment.
#4: Implement Real-Time Threat Detection
Although anti-virus software is a must in every environment, it doesn’t catch all threats. Consider implementing a behavioral-based solution like Advanced End-Point Detection and Response. This solution can detect and eliminate threats in real-time using Deep Learning modules and heuristic algorithms that detect malicious behaviors by comparing them against normal process operations.
#5: Conduct Regular Security Assessments
Conducting annual assessments ensures that all potential gaps or flaws within your environment are closed before they can be exploited by attackers. There are a multitude of assessments you can conduct in your environment including:
- Security Gap Assessment – Provides an in-depth look at your current security posture
- Vulnerability Assessment – Provides insight into the stability and security of your network with an evaluation of your internal and external network perimeters
- Perimeter Edge Assessment – Helps you understand how to better secure your firewalls
- Personally Identifiable Information (PII) Assessment – Identifies the location and value of all PII within your environment
- Penetration Testing – Discovers exploitable vulnerabilities in your network
Cyber security threats are very real and will only increase with time. That’s why it’s extremely important to be proactive and make cyber security a top priority in your business. Taking even one of these 5 steps will help prepare your business to defend itself against potential threats, so why not start today?