Unless you’ve been hiding in a cave for the past month, you will have noticed the latest in a string of very high-profile corporate hacking catastrophes. According to reports by Gartner, global spending on cybersecurity solutions will increase to $101bn by 2018, and many analysts lay the blame firmly at the feet of attacks like this one. A cybersecurity catastrophe can come in many guises: an Advanced Persistent Threat (APT); a Distributed Denial of Service (DDoS) attack, a deliberate attack on a firm’s server or network in order to disrupt business; an insider attack by a disgruntled employee or ex-employee; a piece of malware either randomly or specifically targeted at your firm; a password attack; or a phishing attack. Whatever the method, firms can take a number of steps to guard against such an attack.
Don’t assume you are protected.
Just because you have some AV software, or use products from one or two security vendors, you are not necessarily covered from edge to edge. Systematically work through your technology portfolio and ensure that all devices are protected by an enterprise security solution.
Invest in a multi-layered security solution.
To protect all devices, including user devices, network equipment, storage, servers, websites, email systems and any other communication tools that your firm may have, you will need to build a multi-layered security solution that includes antivirus software, firewalls, a backup solution, encryption software, multi-factor authentication to reduce password attacks, and mobile device protection.
Keep licenses up to date.
It’s no use investing in a comprehensive security software portfolio, then not keeping the licenses up to date. To be effective, licenses must be updated regularly.
Employees are a weak cybersecurity link, and it is crucial that employees understand how their behavior can affect the whole firm’s security. Cybersecurity should be discussed regularly, not just included in an employee’s contract of employment and then forgotten about. Put controls on social media and web access in place, and educate the workforce about phishing scams and the importance of checking a website’s security certificate. Mandate regular password changes, set up multi-factor authentication where possible and advise against using public WiFi when accessing corporate or sensitive data. Request use of a VPN for remote access into the corporate network.
Monitor employee behavior.
Insider attacks are very hard to detect until it is too late, so monitor employee behavior and if you spot someone acting strangely, accessing or downloading large numbers of files, or generally acting out of character, then investigate.
It is crucial that ex-employees’ access to systems and corporate data is revoked as soon as they leave the firm. Put controls in place to automate the process where possible.
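The two controls above (watching for unusually large downloads and catching access that outlives employment) can be checked together against file-access logs. The following Python is an added example, not part of the original article; the log format, account names, HR leaver feed and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import date
from statistics import median

# Constructed sample data: (day, account, files downloaded that day).
EVENTS = [
    (date(2024, 3, 4), "asmith", 12), (date(2024, 3, 5), "asmith", 9),
    (date(2024, 3, 6), "asmith", 14), (date(2024, 3, 7), "asmith", 11),
    (date(2024, 3, 8), "asmith", 480),
    (date(2024, 3, 4), "bjones", 210), (date(2024, 3, 5), "bjones", 190),
    (date(2024, 3, 6), "bjones", 230), (date(2024, 3, 7), "bjones", 205),
    (date(2024, 3, 8), "bjones", 220),
    (date(2024, 3, 4), "cwu", 5), (date(2024, 3, 8), "cwu", 3),
]
# Constructed HR feed: account -> last working day.
LEAVERS = {"cwu": date(2024, 3, 6)}


def bulk_download_alerts(events, factor=5, min_history=3):
    """Flag days where an account exceeds `factor` x its own prior median.

    Comparing each account with its own history avoids flagging staff
    whose normal work involves many files (bjones in the sample data).
    """
    history = defaultdict(list)
    alerts = []
    for day, user, count in sorted(events):
        prior = history[user]
        if len(prior) >= min_history and count > factor * median(prior):
            alerts.append((day, user, count))
        else:
            prior.append(count)  # only unflagged days feed the baseline
    return alerts


def leaver_activity(events, leavers):
    """Flag any activity by an account after its owner's last working day."""
    return [(day, user) for day, user, _ in sorted(events)
            if user in leavers and day > leavers[user]]


if __name__ == "__main__":
    for day, user, count in bulk_download_alerts(EVENTS):
        print(f"{day} {user}: {count} files, far above own baseline")
    for day, user in leaver_activity(EVENTS, LEAVERS):
        print(f"{day} {user}: activity after last working day, revoke access")
```

Any hit from `leaver_activity` means deprovisioning failed for that account, so it is worth treating as a process defect as well as an alert.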
Expect an attack.
Plan for a cybersecurity attack. Vigorously test your cybersecurity defenses on a regular basis and plug any gaps before attackers find them. Likewise, test your post-attack strategy and ensure that you can limit any damage and get back to business as usual as quickly as possible. Just because a firm isn’t a tier one bank, it doesn’t follow that it won’t be a target for cyber-criminals. Assume that you will be attacked and plan accordingly.