The numerous high-profile data breaches that took place in 2018 illustrate that no organization, irrespective of size, scale or scope, is immune from cyberattacks. Last year witnessed a 350% increase in ransomware attacks and a 70% increase in spear-phishing attacks.
We are looking at a state of affairs in which it is very easy for cybercriminals to exploit security vulnerabilities and target weaknesses with malware or ransomware. The worrisome fact is that malware as a service (MaaS) is a reality.
The time to initiate sustained and concrete efforts to protect mission-critical networks and data is now. It is imperative to think beyond conventional security and deploy strategies that enable real-time intelligence to expose hidden risks, detect unknown threats and isolate infected systems.
Here are 10 cybersecurity best practices that can help guard against the sophisticated threats your IT infrastructure faces today. While there is no silver bullet for cybersecurity, adopting these practices will ensure better preparedness to address advanced threats and allow prompt remedial action.
1. Get complete visibility into your network vulnerabilities.
The first item that must be ticked off the list is identifying potential vulnerabilities in your network. Vulnerability assessment helps identify every device on the network and lets you assign a risk value to each. Devices may include printers, USB thumb drives, security cameras, smartphones, laptops, desktops, wireless access points, etc.
As the number of potentially exploitable devices on your network grows, make vulnerability assessment an ongoing process.
2. Understand cybersecurity risk, and establish a pain threshold.
All businesses are different and face diverse cyber risks. The complexity of threats demands that you identify the primary and secondary cyberattacks and the acceptable levels of risk.
Your pain threshold, which follows from your risk baseline, governs your investment in cybersecurity. It is critical to understand the risks in terms of financial losses, reputation damage or more. List risks in order of importance, and work out a plan to address them.
3. Plan for the weakest link: your people.
When you plan to overhaul your cybersecurity infrastructure, it’s important to keep the weakest link in mind: the people in your organization. Yes, you should invest in the right technology that takes your network and endpoint security to the next level, but make sure your organization’s workforce is aware of the cyberthreats they face and how they must address these threats. Conduct security awareness training programs that establish a culture of cybersecurity awareness.
4. Make patch management actionable.
Equifax suffered a massive data breach (approximately 143 million compromised records) reportedly because of a vulnerability in its open-source server framework. The patch for this vulnerability was available, but it was not applied.
This explains the importance of implementing a patch management strategy. Don’t be slow to prioritize. Apply patches as soon as they become available. In these cases, prevention — action taken to mitigate the threat — is the cure. Every organization needs to assess its risk exposure and get into the habit of regularly patching. To make life easier, there are many patch management tools available that can simplify and seamlessly manage the whole process for you.
5. Get to the root of it.
When it comes to cyberattacks, it is not a matter of if they will happen, but when they will happen. Prevention is definitely better than cure, but if your organization does experience an attack, it is important to understand how it happened, how it unfolded and the vulnerabilities it was able to exploit. Root cause analysis can help you find the cause and plug key vulnerabilities.
6. Apply real-time automated protection.
What if an attacker manages to fly under the radar and your resource-constrained IT team fails to identify a data breach in progress? The disastrous consequences can be avoided if the threat is identified proactively. Machine learning now makes it possible to deploy automated protection that proactively detects threats and takes real-time remedial action without manual intervention.
7. Maximize the potential of your security tools.
Deploying the best available cybersecurity solution alone isn’t enough — you need to be able to optimize its use. Before you deploy a solution, make sure you are fully aware of the feature set and how you can use these features to harden cybersecurity controls, and include a documented program plan.
8. Devise and implement a well-defined strategy for incident response.
How do you go about responding to a cybersecurity incident? The answer lies in a comprehensive incident response plan. Remember, data breach costs go well beyond the regulatory fines and the ransom paid to cyber baddies.
An effective response plan is necessary to limit the damage and to immediately take a series of actions that prevent the spread of risk. A great addition to your incident response plan is developing an individual “playbook” to run through specific scenarios. This will help test your procedures to make sure they work as promised.
9. Entrench the ‘security thought’ across the organization.
Make sure your organization emphasizes the importance of security to all stakeholders and makes all of them responsible for upholding security best practices. Cybersecurity is not just the responsibility of the CISO or the IT security department; it must be ingrained into all the processes that make up the organization.
10. Get third parties vetted for security.
As a business, you work with third parties and vendors who have access to company data — not all of it, but data that is essential to their working relationship with you. How are these parties managing their cybersecurity policies? Do they have the necessary controls in place to ensure your company data is protected at all times? Make sure you have a policy in place that ensures your partners are evaluated regularly from the information security perspective.
Best practices are only as good as the seriousness with which you deploy them. In a world where cybersecurity is extremely critical for your organization’s success, give it the importance it deserves.