Is Your Company Prepared for a Cyber Attack?
Hackers rarely let a good crisis go unexploited, and the coronavirus pandemic has proven to be no exception. There has been a dramatic spike in the use of COVID-19 themes by cyber criminals as a way to lure unsuspecting users into downloading malware. But it is critical to remember those attacks may just be the first wave of pandemic-related cyberattacks.
Propelled by the need to “socially distance” as way to minimize the spread of the COVID-19 virus, the global economy is in the midst of a hurried shift to telecommuting. That unplanned surge is straining corporate network systems, offering hackers an undreamed-of opportunity to unleash a second wave of more comprehensive attacks on businesses.
Companies that previously didn’t see a need to invest in cybersecurity training and prevention are increasingly focusing in on one question: Are we prepared in the event of an attack? And, obviously, the answer is “no.”
So here are some basic reminders. Do not neglect your cybersecurity, your hard work and your datas.
1. Security Basics
Have you conducted an internal security audit ?
If no: identify areas of your organization that need attention, determine threats, vulnerabilities and sensitive datas.
Is your business compliant with regulations?
If no: audit urgently your system to fill security holes, locate and comply with industry regulations.
Do you have an easy way for someone to notify you about a security issue?
If no: put a security focused email address on your contact page. Follow the security.txt standard to make it easy for researchers to notify you of vulnerabilities they might find
2. Data Security
Do you know where your sensitive data lives and who has access to it ?
If no: automate data classification and locate sensitive files and folders. Map permissions to identify over-exposed sensitive info.
Do you have an audit trail of data access including who, what , when, where details?
If no: enable file and email auditing options, leverage a UEBA tool to identify anomalous behaviour.
Do you have a policy to review access to sensitive info?
If no: assign data owners responsible for managing acess to their own data.
3. Password security
Do your employees have strong passwords?
If no: enforce strong password policies. Require to change their passwords every 60 days.
Do you use multi-factor authentication?
If no: implement it wherever possible, consider where data transfer between employees might be vulnerable
4. Account security
Do you restrict employee access to sensitive info unless needed?
If no: do it now! limit permissions to only those relevant to their jobs.
Do you monitor the activity of privileged accounts and service accounts?
If no: identify which accounts are key targets for compromise and privilege escalation. Employ extra monitoring and behavioral analysis of critical accounts.
5. Device security
Are your IoT devices secured?
if no: update firmware regularly, disable UPnP and make sure your devices are connected to a separatenetwork from the rest of business
Do you have a security policy for employees' mobile devices?
If no: implement a documented policy, include all smart devices including wearables, require employees to automatically update all their devices accessing the network
6. Endpoint security?
Do you have antivirus software in place?
If no : instal eterprise antivirus and anti malware. Set system to routinely update endpoint devices and consider solutins that don't rely solely on a signature database, but also have a behavioral component.
Is your software up to date?
If no: implement a policy to update your data regularly and make sure your IT deparment is on top of emerging security threats
7. Security policies
Do your employees have security training ?
If no: time has come. Train them on cybersecurity best practices, hold regular seminars to update and refresh their training.
Do you have a plan in place to detect insider threats?
if no: control access to data by allowing admin access sparingly, monitor vendors contractors and part-time employees.
Are you enforcing security policies?
If no: implement formal security policy into employee contracts and service-level agreements. Enforce and communicate ramifications for breaking security policies.
8. Disaster Protection
Have you backed up your data and computer system?
If no: implement cloud backup and physical backup. Store physical hard drive backup in a separate location as a contingency against flood, fire, natural disasters etc.
Do you have a contingency plan in place?
If no: create an incident response playbook and educate employees on it, create a plan designed to get all of your important processes back in place after an attack.
Have you tested your contingency plan?
If no: implement drills to test it and ensure it is viable, review and evaluate your plan once a year to make sure it is up to date.
For any question on the subject, do not hesitate to contact us at firstname.lastname@example.org