No business is immune to being a victim of a cyber-attack. Although not reported to news outlets, local companies are being breached every single day. Cyber liability insurance costs are doubling, with the smallest policies averaging $10,000 a year. Getting a policy today requires security audits. Exaggerate your security posture and you risk being dropped or not covered even when you have a paid policy.
Here are the seven cybersecurity protections you must have in place. This is on top of the expectation that you already have a current, up-to-date firewall and the most recent managed endpoint protection (antivirus/antimalware).
Human firewall – User awareness training
Teach your employees how to spot fake emails, scams and bad links. Test your employees by phishing them and retraining them when they get tricked.
MFA – Multifactor authentication
This is the single most important security feature you can implement to protect your business.
Nearly ALL breaches involving ACH and wire fraud could have been prevented with better network and email security. Insurance companies know this and will demand you implement MFA for your insurance policy renewal.
Encryption has gotten easier to implement and less confusing for your users, so now there is no excuse not to encrypt important, sensitive files or folders on your computers.
When sending emails, send any attachments encrypted. By encrypting your emails, the messages, including passwords you might share, are now safe from prying eyes.
Remember the daily, weekly, monthly backup rotation of tapes? That is now reserved for archiving.
Considering the speed of change and the internet, backing up your work continuously is a necessity. No business can roll back its activity to the day before. That could be thousands of emails, messages and file updates across dozens or hundreds of devices.
Backups need to be continuous across all systems. Your backup is the ONLY recovery path against ransomware.
How long will it take you to recover? The average is over two weeks after a ransomware incident.
24×7 log monitoring (SIEM/SOC)
If no one is monitoring your network 24×7, then how do you know if you have been breached?
According to the Verizon annual data breach report, every single breach could have been detected by a Security Operations Center, or SOC, within minutes. But the current average is more than eight months. That’s too late for a business to do anything but rebuild and recover. The damage is done.
SD-WAN (software-defined wide area network)
SD-WAN gives you duplicate, triplicate, and quadruple internet connections so your business never loses connection to the outside world.
These are live, usable connections for faster internet as well as redundancy. When you can’t be without your VoIP phones, cloud services, email or any internet service, go with a vendor-independent SD-WAN solution. Never have all your “eggs in one basket.”
Zero trust privileges
Stop giving users admin privileges. They don’t need them and should not be able to install updates and software on their computers. Keep that privilege limited to a select few.
Zero trust limits bring your own device (BYOD) use without proper protection and management. Geographic fencing will prevent remote users (probably in foreign countries) from accessing your systems. You should verify all devices, users, and network connections regardless of where they connect. Segregate your networks and isolate key systems.
You should hand out privileges only as needed and remove them immediately. For example, we use a PAM, or privileged access management, solution for our clients.
Resources are available to help you, but don’t put off security. The threat actors are not sleeping.
David Wolf is vice president for Just Solutions, Inc.