Within the last year, we’ve seen a huge rise in cyber attacks all over the world in almost every sector – banking, medical, consumer, and enterprise. In the U.S., workers received a slew of phishing attacks after relief funds were sent out. In Germany, the first death due to a ransomware attack on a hospital was reported. Despite a massive global pandemic that has stopped daily life in its tracks, hackers have made it clear they’re not taking a vacation. Since many companies have shifted to remote work, cyber security risk and management teams need to be more vigilant than ever.
Here are 5 tips to prevent cyberattacks:
1. Update Cyber Incident Protocols
Now that everyone has shifted to remote work, your networks landscape has changed. The trust boundaries are now different, and you have new vectors of attacks possible. Review all your plans to account for these changes. Leverage NIST and other organizations to use frameworks and models, no need to start from scratch!
2. Harden Corporate Assets
Ensure that all the assets employees are using are with the latest patches and tested for security. Companies shifted to remote work so rapidly, they were focusing on functionality rather than security. Corporate assets need to have at least the minimum available protection, such as anti malware software and security agents. Cyber teams should be giving guidance and best practices on what you should and should not do, sending out weekly emails helps with this.
3. Ramp Up Cyber Budget
While R&D budgets are being slashed, it is important to stay vigilant and buy the proper cyber tools and training to keep your organization safe. Cutting security costs now, could cause you to pay more in damages later.
Security training is a sector that should definitely be focused on. There has been a huge rise in phishing attacks and you want employees to be aware. Spend resources on both tools and training to avoid this low hanging fruit for hackers.
Social engineering is another aspect to watch out for.
Employees have more distractions than normal and are operating in different environments. You don’t want them to become complacent. Reach out to leaders with instances of spear phishing attacks, and alert employees to the evolving cyber environment. Everyone should be reminded to remain focused and vigilant to malicious activities. Make sure to clearly communicate what to do and who to contact in the event of a cyber attack.
4. Refine Cyber Toolkit
Make sure that all your monitoring tools and capabilities are providing the best network visibility. Check that your log management rules enable full scope. If using third party vendors, check that they have made the necessary changes to compensate for the current status quo.
The Cyber Tools you license typically come with support, make sure to leverage it and get these fixes in ASAP. The developers of those tools know their products inside out to get you the tailored fit you need.
5. Monitor Security Services.
Changes occur both inside and outside your organization, be cognizant of what your vendors and supply chain are doing. Understand how they are changing their landscape to better fit your needs. Review your SLA’s and be sure to ask about new risks that they can anticipate and what contingency plans are regarding PII. Remember, it’s your customers data which means how it’s stored and saved is ultimately your responsibility.
Whether you are a business owner putting these tips in place, or an employee who is noticing a way to improve protections, these 5 tips will help you to create a more secure organization.
If you are in search of trained cybersecurity professionals to join your company, a program to train your existing employees, or an individual looking to break into the industry, our Zero To Engineer program may be the perfect fit for your training needs.
Visit our website for more information about the program and see if you qualify for zero upfront tuition.