By The #CyberAvengers
So here we are in early 2019, looking back at 2018 which was arguably an IT and network security dumpster fire. There were breaches of epic proportions, and breaches of trust and confidence. But 2017 was no better, ending with the aftermath of the Equifax breach, which affected approximately 143 million customers.
Which leaves us with the question of whether we whine, moan and complain about the past — or do something to change the cybersecurity game in 2019, to change the paradigm of pain and suffering. We suggest that the latter is much more beneficial, as it has the potential for good things to happen.
Here are 5 things you can do in the next few weeks to have a better cyber 2019:
According to the 2018 Verizon Data Breach Investigations Report, upwards of 93% of all malware deposited on networks comes via an attacker tricking an employee, customer or consumer of goods and services to click on a link or attachment in an email addressed to them. That email is not designed to impart knowledge or give the customer a good deal. The email is designed to take over the user’s computer or deposit malware on his or her network. Phishing and spearphishing are like a nasty case of the flu — but flu shots are available to lessen the chances that you will catch it.
Here are two things we can do to prevent these sorts of attacks from occurring:
First, there are aftermarket email solutions and filters that can be purchased to intercept bad or malicious email before it gets to the user’s terminal, device or computer. One such system is called DMARC. There are many others.
The second thing that can be done is to ramp up employee education and training on phishing and spearphishing. There are homemade systems you can employ for such training or there are custom-made spearphishing training programs that can be purchased to train your employees during the year. It has been shown that regular training can decrease the chances of an employee clicking on the link by 50% in 3 months, and by as much as 80-90% in a year’s time. That is not a bad start.
2) Backing Up
Back up your network systems and workstations religiously. Once a week is a good start, but every three days is better. Back them up to three different places: onsite, off-site and the cloud if you can (so backup tapes and media cannot be affected by the ransomware infection).
Ransomware can be transmitted by email, too. And its effects are well known: having backups ready to go will dramatically lessen the chances that a ransomware attack will cause your company a significant problem for more than a day or so. Backup solutions exist at various points, and you don’t have to have huge amounts of cash on hand to purchase them. A little diligence here can save you a lot of pain and suffering and will form a great backbone for your incident response and business continuity plans.
3) NIST Cybersecurity Framework
Adopting the NIST Cybersecurity Framework can give your company a leg up on almost any cybersecurity problem — from knowing your data and where it is located to knowing how that data is being protected today, from providing a foundation to comply with cybersecurity and privacy policies and procedures to giving you the basis to form a sound incident response and business continuity plan.
The NIST Cybersecurity Framework 1.1 can also give you a plan to monitor the cybersecurity efforts of your critical vendors and trusted third parties. Finally, adopting the NIST Cybersecurity Framework, and enacting it, can give you, your company and your board an argument and a defense in litigation: that you complied with an accepted framework and thus kept to a reasonable standard of care in handling your network security and protecting your customer data.
Many companies have already adopted the Framework with great success. It really does work to help you both organize and improve your cybersecurity posture.
4) Multi-factor or Two-factor Authentication
Credential theft is a big part of current cyber attacks. This can not only allow fraudulent transactions, but information theft on multiple websites at the same time. But imagine having not just a password, but a secret code that is sent to your cell phone or iPad that is necessary to gain access to your account (whether it be to buy a good or service, or to access your healthcare records).
5) Vulnerability Assessment
One part of the NIST Cybersecurity Framework is to “protect” your most valuable IT and IP assets. Part of understanding how to protect those assets is understanding the vulnerabilities of your computer network, and where your network might be generally attacked. This process is called a “vulnerability assessment.”
A vulnerability assessment can tell you if you are ahead or behind in updating your network or patching critical vulnerabilities. The answers to these questions might also indicate aging network infrastructure, where patches and updates might not be available. A vulnerability assessment might indicate the lack of multi-factor authentication or deficiencies in how employee devices are handled and updated.
It might also indicate a general deficiency in employee training and education (whether in spearphishing or social media practices). Finally, a vulnerability assessment might pinpoint weaknesses where a company should consider pen-testing.
Obviously vulnerability assessments can range from the easy (say for the small business) to the very complex (say for an IoT-enabled manufacturing facility). Nevertheless, they are extremely important to understand your network and its inherent vulnerabilities. They are also a primer to succeeding in better network security practices.
So 2018 was not a great year in many different respects. But let’s not give up! The 5 steps outlined above should help you have a better cyber 2019. The CyberAvengers wish you a happy, healthy and cyber secure 2019!
Check out the CyberAvengers’ last article: Cybersecurity Quick Tips From The #Cyberavengers: How To Set Up An Early Warning System
About The #CyberAvengers
The #CyberAvengers is a group of salty and experienced professionals who have decided to work together to help keep this nation and its data safe and secure.
Find them on Twitter: