In my last post, I described six cybersecurity threats that have sparked concern of late:
1 Review your Incident Response plan
Endpoint protection is essential but not foolproof, so everyone in your organization needs to know how to react to a ransomware attack or other malicious attacks.
2 Boost your server protection
Start by answering these questions: Is server access protected by two-factor authentication? Are servers properly configured and running endpoint protection? Is server data encrypted? Is server data regularly backed up/archived off-site and offline?
3 Make sure your power supply can withstand disruption to the electrical grid
Your organization should have a plan in place to continue operations during events that impact industrial control systems.
4 Embrace compliance requirements
Since data is both an essential asset and, when compromised, a potentially enormous liability, your organization’s ability to meet compliance and audit requirements can serve as a business differentiator — and therefore a business enabler.
5 Map your data
Even beyond compliance and audit demands, you need to know what data your organization handles — as well as how, where, and why — to make sure all data uses are documented and appropriately protected .
6 Take advantage of cloud security services
Agile cloud security services can implement new detection capabilities faster than on-site options. To get the most from your clouds, seek customizable solutions that exploit clouds’ scale, artificial intelligence (AI), machine learning, API-based access, and staff expertise .
7 Move beyond breach prevention alone
You also need to focus on supporting business resilience and response to cyberattack. This means crafting and deploying strategic plans that balance detection, prevention, response, and recovery.
8 Incorporate processes that enable continuous adaptive responses to risk and trust assessment
This will help you identify issues early on and better manage the risks associated with digital business ecosystems.
9 Communicate with senior leadership in the language they understand
To get the critically important senior leadership support you need, avoid techno-speak and spotlight the business consequences of cyberthreats.
10 Understand the role of machine learning/AI
AI and machine learning are offsetting IT staff shortfalls as humans and machines complement each other and together out perform what each can accomplish alone.
11 Improve employee cybersecurity training
This means going beyond baseline training to customize cybersecurity training to the particular needs and policies of your enterprise and even to specific employee roles and responsibilities.
12 Get help you can trust
Unless you have a deep cybersecurity and risk management skills in-house, don’t try to accomplish all of this without expert help you can trust.
Contact us anytime, we’re always happy to help.
Tim