THE INGREDIENTS FOR A WORKING CYBER - SECURITY PLAN

THE INGREDIENTS FOR A WORKING 

CYBER SECURITY PLAN:

Up-to-Date Anti-Virus

Reputable antivirus software with regular updates is a strong first line of defense against any data security threat targeting your business. By 2015, close to a million new pieces of malware were created each day, a number that continues to rise. Antivirus software requires frequent updates to stay on top of recently discovered threats. With Tie National’s Guardian, antivirus software is updated on a regular basis while providing real-time antivirus protection. This makes it nearly impossible for a virus to sneak into your system in between scans.

Traffic Monitoring

The reality is, at some point, a threat is likely to make it past your antivirus software. No matter how many firewalls and protections you build into your system, are not enough to stop a particularly determined hacker, or to prevent a serious case of bad luck as a new piece of malware slips through the cracks. One of the biggest threats to your company is actually your employees. Sophisticated hackers use phishing scams and other attacks to convince your employees to metaphorically open the castle gates and let them slip inside. Fortunately, traffic monitoring isn’t fooled by those scams. The goal of traffic monitoring is to detect malicious traffic as it enters your system, preventing it from doing further damage once it’s on the inside.

Protection Against Ransomware

There’s no cyber attack more immediately damaging to your business than ransomware. CryptoLock software creeps into your system, encrypting all of your vital data (including previous orders, vendor details and customer/patient information) and making it impossible for you to get access to your records. Without specific protection in place against this type of attack, and critical file backups to the cloud, your entire business can grind to a halt. Worse, this style of attack has become increasingly common over the past several years as hackers learn that it is one surefire way to make money as most businesses are desperate to pay the ransom to get their records and data back.

Multi-Layered Protection

From hackers determined to make their way into your system specifically to employees who accidentally open the door to malicious software, there are plenty of opportunities for your business to become the victim of a cyber security attack. Putting your faith in a single layer of protection simply isn’t enough! With multi-layered protection, however, you can run your business every day with the confidence that you are less likely to the victim of a cyber attack. You need to know is that your business is firmly protected with multiple layers of protection acting as a failsafe for each other to offer the best protection for your company’s data.

Immediate Response and Support

Cybersecurity threats change with every passing day. Staying on top of them is a full-time job, and no protection is absolute. Your business needs a plan in place to deal with cyber threats when they arise and reliable support that’s there when you need it most to help answer those threats.

Tie National, LLC can design a plan that offers support exactly when you need it:

• 24/7 support for both software and hardware, allowing you to take care of any problems with your business technology quickly and efficiently
• Reliable technicians who troubleshoot and resolve issues that arise
• Security patch management which maintains timely updates and patches to reduce possible vulnerabilities.

SOME MORE THINGS TO BE KEPT IN MIND WHILE MAKING A CYBER - SECURITY PLAN: 

1. Get the Basics of Security In Order

Part of the planning process should involve avoiding having a problem in the first place. The best incidents are the ones that never happen. To achieve this goal, or at least improve your odds of never having a catastrophic breach, make sure your basic security systems are running at top form. And, make sure your security policies are being fully enforced. These include:

• Firewalls
• Intrusion Detection Systems
• Security incident and event management (SIEM) systems, if appropriate
• Automated security monitoring and alert orchestration systems, if appropriate
• Spam filters/Anti-Phishing
• Access control – both Identity and Access Management (IAM) and Privileged Access Management (PAM) for back-end administrative access.
• Strong passwords/two-factor authentication where necessary
• Encryption of sensitive data – at rest and in transit, as required by regulation and policies
• Security software for smartphones

2. Collaborate with Internal Stakeholders

In the event of a cybersecurity breach, personnel and teams in the company’s IT, finance, legal, and other departments should be ready at a moment’s notice. Everyone should have a pre-determined role related to incident response. Eliminating guesswork will allow the situation to be assessed without wasting any valuable time. All employees should be trained to recognize the signs of an attack. When the time comes, they will hopefully recognize tactics such as social engineering used to trick people into providing personal details, installing malicious software on the network or allowing the hacker to steal information. When it comes to data loss, everyone is on-deck, and minutes count.

3. Work Within a Framework

The cybersecurity response must adapt to the types of data protected and the circumstances involved. A framework is an important component of cybersecurity risk management. It requires governance across all people, technologies, and processes in the organization. By the time you need to take action, this framework should give you the plan needed to deal with a cybersecurity incident without any guesswork or delay. Its scope should span all work processes; people inside and outside the company, including third-party vendors as well as devices that are connected to your corporate network. If you don’t know where to begin, check out the US Computer Emergency Readiness Team (US-CERT) Framework or the NIST Cybersecurity Framework.

4. Be Aware of Threat Intelligence

The more informed decisions you can make during a cyber-attack, the better off you may be. First, you must recognize the signs of an attack and the tactics, procedures and techniques, using predetermined indicators as a reference. Threat intelligence involves these indicators, context, and actionable insights into existing and emerging threats to company assets. The knowledge included here is evidence-based, providing the keys to making informed decisions the moment a cyber incident starts. Vulnerabilities such as shared administrative passwords, unpatched software and operating systems, infrastructure configurations or business operations and processes provide a context to the threat. Recognizing the accidental or intentional acts of an individual staff member will also provide the threat intelligence needed to appropriately respond to a cybersecurity incident.

5. Understand Regulatory Factors and General Liability

A response to a breach should consider regulations pertaining to your industry — particularly for fields like healthcare or finance. You risk fines and other penalties if personal information is exposed. For instance, if your organization is determined to have been negligent in its handling of security, there could be legal (civil torts) and regulatory ramifications. Having a detailed audit log of what happened before, during, and after the breach may prove quite helpful to clear your organization of the charge of negligence in its security duties.

6. Conduct a Thorough Risk Assessment

Refer to a model of the most pervasive threats based on the risks identified, their likelihood of occurring, and what damage they could do. The actions taken should involve the appropriate personnel outlined in the model. Once cybersecurity threats are prioritized, the steps to tackle each one as it occurs are clearer to all stakeholders. Risk assessment doesn’t only fine-tune your cybersecurity response, but also helps prevent attacks in the first place. It involves putting yourself in the mind of an attacker. If you can determine what may be most valuable to them, it’s more evident where to focus your resources to protect the most vulnerable data.