Cybersecurity: Where to Start and How
Every business, no matter the type or size, needs cybersecurity right now. When it comes to cybersecurity, businesses should take a proactive approach rather than a reactive one. You do not want to be questioning your business’s cybersecurity capabilities during a cyber incident. By having a strong cybersecurity program in place, you will not only be able to respond quickly and effectively to a cyber incident if one were to occur, but you will also mitigate many cyber risks and attacks before you become the target of a cyber-attack. Here is what you and your business should know in order to create a quality cybersecurity program without needing to spend a large amount of money.
The first thing you want to do when building a cybersecurity program is to identify your sensitive data and where it resides. Whether it is your customers’ private information or your organization’s information, it is your responsibility to protect it. You should also determine your mission-critical assets. These are assets that are critical to your business’s operations; if one of these systems were to be compromised, it would cause irreparable loss to your business.
Once you have identified your organization’s sensitive data and core assets, you then want to focus on properly securing the data and core assets through the use of policies and technical controls. But now you might be wondering what steps to take to secure your sensitive data and core assets. Below are easy, but effective steps you can take to protect your sensitive data and core assets right now:
Harden Core Assets – System hardening is the process of securing a system by reducing the number of potential attack vectors, ultimately reducing the security risk. Limiting access to the system, regularly updating the system and its software, closing unused ports, removing unnecessary software, and collecting and reviewing audit logs are all good ways to secure your system. On top of this, you should also be regularly scanning your assets for vulnerabilities to identify weaknesses and gaps. Open source vulnerability scanning tools, such as OpenVAS, can be used to scan your devices for vulnerabilities. With the guidance provided by the scan results, you can then remediate these vulnerabilities.
Establish Proactive Security Defenses – Taking a proactive approach to cybersecurity has many advantages and it is not as difficult as you may think it is. Here are some things you can do right now:
Performing disk encryption with the use of BitLocker will help protect files and folders from unauthorized access.
Offering Security Awareness Training informs your employees of current threats and best practices, which ultimately reduces the risk of compromises from human error.
Performing backups of data regularly. By performing backups, if the data were to be compromised or deleted, you can rest assured knowing that you have recovery points that you can restore to.
Enforcing Multi-Factor Authentication (MFA) wherever applicable. Many times, users just have to enter a password before gaining access to the system. With MFA, users must enter their password and then provide another form of authentication before being granted access. Another form of authentication could be receiving a text to your mobile phone or an email with a code that must be provided after you have confirmed your password. This helps protect you from an unauthorized user trying to access your accounts, because even if they get your password, they most likely won’t have access to your phone or email account to enter that code.
Create & Document Security Policies That Are Often Reviewed - Your organization should have a single security policy document that contains all individual security policies. A good security policy will provide an overview of the security requirements for your IT infrastructure, identify the functions and features of the infrastructure, and describe the security measures that are in place to protect your systems. Starting points for a proper security policy would be items such as: minimum password requirements, limiting system access to authorized users, limiting unsuccessful logon attempts, creating an acceptable use policy for your employees, and disaster recovery and business continuity plans. Keep in mind, the security policy is a living document and should be reviewed regularly to search for any gaps or weaknesses in a policy.
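The MFA step described above (a code sent by text or email after the password is accepted), combined with the policy item on limiting unsuccessful logon attempts, can be sketched as follows. This is an added example, not code from the original article; the class name, the 5-minute code lifetime, the 3-attempt limit and the in-process server key are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumed policy: a code is valid for 5 minutes
MAX_ATTEMPTS = 3         # assumed policy: limit on unsuccessful attempts
# Constructed for the example; a real service would load this from a secret store.
SERVER_KEY = secrets.token_bytes(32)


class OneTimeCodeChallenge:
    """Second-factor challenge issued after the password check succeeds."""

    def __init__(self, now=None):
        now = time.time() if now is None else now
        # 6-digit code from a CSPRNG; this is the value texted or e-mailed.
        self.code_to_send = f"{secrets.randbelow(10**6):06d}"
        # Keep only a keyed digest of the code on the server side.
        self._digest = self._mac(self.code_to_send)
        self._expires_at = now + CODE_TTL_SECONDS
        self._failures = 0
        self._used = False

    @staticmethod
    def _mac(code):
        return hmac.new(SERVER_KEY, code.encode(), hashlib.sha256).digest()

    def verify(self, submitted, now=None):
        """Return 'ok', 'invalid', 'expired', 'locked' or 'used'."""
        now = time.time() if now is None else now
        if self._used:
            return "used"        # a code is accepted once only
        if self._failures >= MAX_ATTEMPTS:
            return "locked"      # too many wrong guesses: issue a new challenge
        if now > self._expires_at:
            return "expired"
        # Constant-time comparison of the two digests.
        if hmac.compare_digest(self._mac(submitted), self._digest):
            self._used = True
            return "ok"
        self._failures += 1
        return "invalid"
```

The attempt limit matters because a 6-digit code has only one million possible values; without it, the second factor could simply be guessed.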
Additionally, there are many cybersecurity frameworks that your organization can adopt to provide guidance for protecting your sensitive data and core assets. The framework that we recommend you check out is the National Institute of Standards and Technology (NIST) Special Publication 800-171 r2. This publication offers best practices for organizations in both the public and private sector. The publication also provides guidance on how to implement these best practices, so you can protect your information and organization.
NIST SP 800-171 r2: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r2.pdf