Experience tells us there is no such thing as a perfectly secure system. But that does not mean you have to give up! You can take action to reduce the risk of unauthorized access and mitigate the potential damage if an attacker gets in. And by following best practices you can do so efficiently and economically.
We have been helping organizations mount economical, efficient defenses for decades, and we share our best practices here.
Our short list of cybersecurity best practices:
- Use a “framework” that will guide your action. Our favorite one is the NIST Cybersecurity Framework, but there are many. A good framework will help guide your policies, procedures, contracting and incident response, and will also help improve communications with others inside and outside your organization. The NIST framework divides the actions you need into the categories Identify, Protect, Detect, Respond and Recover, and then fills in many details below those categories.
- Think of your nightmare scenarios. Only you know your business, and only you can really know what could go wrong if the worst happens. Use these nightmare scenarios to help determine what your most important data is; this will help prioritize your defensive actions.
- Encrypt your data when it is at rest. And back it up! Prioritize this protection for your most important data. This will help mitigate the risks of your nightmare scenarios.
- Encrypt your data when it is in motion. This includes any communication of sensitive information. Use a VPN whenever you are using any public Internet or WiFi connection. Use special protections for team messaging and strategic planning that will reduce the chance that any adversary can detect what your team is planning. A good system, like Wickr, will provide a full suite of collaborative capabilities in a way that significantly reduces risk. This is especially important when responding to a breach by hackers.
- Ensure you and your team are patching operating systems and applications. This sounds so basic, and it is so basic. But it is too frequently overlooked and it gets companies hacked, again and again. So don’t just assume it is going on. Check it.
- Put multi-factor authentication in place for every employee, including on their use of cloud-based services. Depending on your business model, you may need to do this for customers and suppliers too. This is very important for a good defense.
- Configure your DNS to make it harder on the bad guys. There are simple configuration changes you can put in place that will greatly reduce the risk of malicious code and privacy attacks. See DNS Configuration Tips Here.
- Configure your email to make it harder to spoof or phish. By using a widely adopted configuration called DMARC you can significantly reduce the chance that your email will be spoofed and your partners or employees tricked because of you. Learn more about DMARC here.
- Use a password manager, at work and at home, and encourage every employee to do the same. Our recommendation: Dashlane.
- Block malicious code. This is easier said than done, but work to put a strategy in place that ensures only approved applications can be installed in your enterprise, and use a best-of-breed anti-virus solution.
- Design to detect and respond to a breach. This means putting monitoring in place for your critical data and protected networks so you will be alerted when there are anomalies. Your networks and systems should also be designed with good segmentation so adversaries have a harder time moving around.
- Prepare for the worst. Know what your incident response plan is and make sure it is well documented and reviewed. Ensure it includes notification procedures.
- Ensure every employee in the organization knows their role in cyber security. This is NOT just an IT function. Training and awareness are so critically important that you should consider them your first line of defense.
- Work to know the threat. Knowing the cyber threat will help you more rapidly and economically adjust your defenses. We wrote a book to help you get a quick baseline on the threat (see TheCyberThreat.com). Since the threat is dynamic you need continuous information. Sign up for our daily ThreatBrief and our weekly Cyberwar and Cybersecurity Review. Keep intelligence assets at your disposal, either in-house or with trusted consultants. You need to know what is happening in your adversary’s camp, which includes the Dark Web. Keep learning, including the lessons of history. You can find the wisdom of the masters in books like The Cuckoo’s Egg, Dark Territory, A Fierce Domain.
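The DMARC item above says a correct record reduces spoofing, but a record that is merely published is not the same as one that enforces. The following is an added example, not Crucial Point’s code: it parses a DMARC TXT record (the kind published at `_dmarc.<your-domain>`) and rates how much protection it actually provides, flagging the common gaps such as `p=none`, a partial `pct=` rollout, a weaker subdomain policy, and a missing `rua=` reporting address. The tag names follow RFC 7489; the sample records and the `example.com` addresses are constructed placeholders.

```python
"""Parse a DMARC TXT record and rate how much anti-spoofing protection it gives.

Added example, not Crucial Point's code. Tag names (v, p, sp, pct, rua, adkim,
aspf) follow RFC 7489; the records and the example.com addresses below are
constructed placeholders, not real deployments.
"""
from typing import Dict, List, Tuple

# Constructed sample records, ordered from weakest to strongest.
SAMPLE_RECORDS: Dict[str, str] = {
    "monitor_only": "v=DMARC1; p=none",
    "monitor_with_reports": "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "partial_rollout": "v=DMARC1; p=quarantine; pct=25; rua=mailto:dmarc@example.com",
    "subdomain_hole": "v=DMARC1; p=reject; sp=none; rua=mailto:dmarc@example.com",
    "strict": "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@example.com",
}

# Policy strength order used when comparing p= and sp=.
_POLICY_RANK = {"none": 0, "quarantine": 1, "reject": 2}


def parse_dmarc(record: str) -> Dict[str, str]:
    """Split a 'tag=value; tag=value' record into a dict of lower-cased tags.

    Raises ValueError when the text is not a DMARC record (RFC 7489 requires
    v=DMARC1 as the first tag and a p= policy tag).
    """
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing semicolon
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or not record.strip().lower().startswith("v=dmarc1"):
        raise ValueError("record must begin with v=DMARC1")
    if tags.get("p", "").lower() not in _POLICY_RANK:
        raise ValueError("missing or invalid p= tag (expected none, quarantine or reject)")
    return tags


def assess_dmarc(record: str) -> Tuple[str, List[str]]:
    """Return (rating, findings) where rating is 'weak', 'partial' or 'strong'.

    'weak'    : p=none, so receivers still deliver spoofed mail.
    'partial' : enforcement is on but has a gap (pct < 100 or a weaker sp=).
    'strong'  : quarantine/reject applies to all mail, subdomains included.
    Findings are human-readable notes for the mail administrator.
    """
    tags = parse_dmarc(record)
    findings: List[str] = []
    policy = tags["p"].lower()
    # sp= defaults to the value of p= when absent (RFC 7489 section 6.3).
    sub_policy = tags.get("sp", policy).lower()
    pct = int(tags.get("pct", "100"))

    if "rua" not in tags:
        findings.append("no rua= address: you get no aggregate reports showing who sends as your domain")
    if tags.get("adkim", "r").lower() == "r" or tags.get("aspf", "r").lower() == "r":
        findings.append("relaxed alignment (adkim/aspf=r): identifiers in any subdomain of the organizational domain align")

    if policy == "none":
        findings.append("p=none only monitors; receivers deliver spoofed mail unchanged")
        return "weak", findings

    rating = "strong"
    if pct < 100:
        findings.append(f"pct={pct}: only {pct}% of failing mail is subject to the policy")
        rating = "partial"
    if _POLICY_RANK.get(sub_policy, 0) < _POLICY_RANK[policy]:
        findings.append(f"sp={sub_policy} is weaker than p={policy}: subdomains can still be spoofed")
        rating = "partial"
    return rating, findings


if __name__ == "__main__":
    for name, rec in SAMPLE_RECORDS.items():
        rating, notes = assess_dmarc(rec)
        print(f"{name:22} {rating:8} {rec}")
        for note in notes:
            print(f"{'':22} - {note}")
```

Run it against the record your own domain publishes (`dig TXT _dmarc.your-domain` will show it) and aim for a `strong` rating. A `p=none` record with `rua=` is the usual first step, because the aggregate reports tell you which legitimate senders would fail before you move to `quarantine` and then `reject`.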
Reducing digital risk requires far more than the list above. But this list will get you started on a good foundation for continued improvement and will help you make an immediate difference in your security posture. We would strongly encourage you to take advantage of a free consultation with one of our experts. To start that process, contact Crucial Point here.
Please use this list to inform your cybersecurity strategy.
And Contact-Us with your inputs, suggestions, questions or considerations.