Don’t panic! A strategic approach to managing the threat of cyber attack
“It is often too late to uplift your cyber posture once an incident has occurred.” – The Australian Cyber Security Centre.
If you’re keen to protect your business from cyber threats, there’s never a better time than the present. In this blog, we’ve prepared a list of actions you can take to strengthen your business’s ability to plan for and respond to cyber threats.
Educate and train employees to create a cyber-safe culture
Cybersecurity needs to be a shared responsibility across your business. Unfortunately, human error plays a part in many cyber breaches. Cybersecurity training helps staff recognise phishing attempts, suspicious links and other threats.
Tips for success:
- Conduct regular training and internal information campaigns to keep employees aware of the risks.
- Support employees with clear information management, email and IT policies.
- Encourage employees to report suspicious activity without fear of blame.
- Reward proactive behaviour, like identifying vulnerabilities or reporting phishing attempts.
Multi-factor authentication (MFA) and secure network access
Many organisations now require MFA as an extra layer of security. In addition, open or poorly secured networks are easy targets for attackers. Detecting suspicious activity early can prevent a breach.
- Implement a virtual private network (VPN) for secure remote access.
- Make sure that all devices owned by the business or used by employees to access corporate information are protected by MFA.
- Use MFA to protect accounts such as email, cloud platforms, and remote access systems.
- Use authenticator apps or hardware tokens for added security.
- Use strong passwords for Wi-Fi.
- Segment networks (e.g., separate guest and internal networks).
- Deploy firewalls and intrusion detection/prevention systems.
- Use monitoring tools to log and analyse activity on your network.
- Set up alerts for unusual login attempts or data transfers.
Keep software and systems updated and back up data regularly
Unpatched vulnerabilities are a common entry point for attackers. Ransomware and accidental deletions can lead to catastrophic data loss.
- Enable automatic updates for operating systems, applications, and plugins.
- Automate regular backups and store them in secure, offsite or cloud-based locations.
- Regularly review and update all software, especially antivirus and firewall programs.
- Test backups periodically to ensure they can be restored successfully.
Use endpoint security solutions
Malware and ransomware often target endpoints like desktops, laptops, and mobile devices.
- Deploy antivirus and anti-malware software on all devices.
- Use endpoint detection and response (EDR) tools to monitor and mitigate threats in real-time.
Monitor and restrict user access
Insider threats and credential compromise are common risks.
- Only give employees access to what they need and implement the principle of least privilege (PoLP).
- Have clear policies for user permissions. Use identity and access management (IAM) systems to enforce policies. Revoking access for former employees as soon as they leave. Regularly review user permissions.
Secure third-party relationships
Supply chain attacks exploit vulnerabilities in vendors or partners.
Take steps to:
- assess the cybersecurity posture of vendors before engaging them
- limit third-party access to critical systems and data
- ensure contracts include clauses on data security and breach notification.
Conduct regular risk assessments and develop a cyber incident response plan
Quick and efficient responses can reduce the damage from a cyber attack. Threats evolve, and outdated systems may introduce new vulnerabilities. Include an incident response plan in your business continuity planning.
Your incident response plan should:
- outline clear steps for identifying, containing, and mitigating a breach
- assign roles and responsibilities to staff for handling incidents
- regularly test the plan with simulated scenarios.
Use regular risk assessments to:
- perform periodic cybersecurity audits and penetration tests.
- use tools to scan for vulnerabilities in your network.
- update your security measures based on findings.
Avoid using unsupported software
Unsupported end-of-life software does not receive security updates, making it highly vulnerable.
- Replace end-of-life software with supported versions.
- Plan ahead for software migrations when vendors announce end-of-support dates.
Engage cybersecurity experts
“If you’re not protecting critical assets, you’re putting consumers in harm’s way, potentially putting the entity in harm’s way and your staff in harm’s way.” Paul Dewsnap, Co-founder and Managing Partner, Digital Resilience
Medium sized organisations often lack the in-house cyber security expertise to handle advanced threats.
Now would be a very good time to take a strategic approach to cyber security that balances technical solutions, staff training, and regular monitoring and maintenance.
9Yards has extensive cyber security knowledge and experience in helping your business protect itself from data and cyber risks. Our consultants are highly skilled and experienced and are constantly updating their skills to handle new types of security threats when they arise.
