The year 2020 has been particularly challenging as we are living in the middle of a pandemic, working from home or remotely which makes all of us an easy target for cyber-attacks and breaches. As October is the cybersecurity awareness month, we gathered a couple of tips and tricks from our cyber specialists to help you in the difficult mission of keeping your devices and your company cyber-safe.
1 - 5 Risky Online End User Behaviours
It is a little bit repetitive but still, most people get trapped in some of the below 5 items. Check below how to “cyber fix” these online behaviours and get covered.
Use a unique password for all applications and services used regularly.
Cover your tracks wherever you go and erase contents on any device before discarding.
Learn the tricks of the phishing trade and be on the lookout for fake logos and URLs.
Use an automated backup solution that backs up to a local target and the cloud.
Make sure the data you store uses at least 128-bit encryption for data.
2- A Cyber Resilience Roadmap
At a corporate level, you need to protect your business and make sure you are “cyber resilient”. To achieve that you need to position yourself as an organization that can prevent, detect, contain, and responds to serious threats against data. Check below some steps which can help in this mission.
Understand What Your Resources are
Resources are more than technological -they are a mix of tech and human capital. Not only does your software need to be up to date, but your team does too. That is why the above tips are positioned first, you need to make sure that end-users know what they are doing in relation to their cybersecurity.
Define your Risk Management
When looking at your risk, look at your risk posture options including risk acceptance, risk transfer, risk avoidance, risk mitigation, and more.
Get in the Right Frame of Mind
Understand your resource mix, privacy implications, and the balance between technology and risk management.
Step up to the Challenge
When the topic is cybersecurity you need to act fast to prevent the worst. There are three questions you need to ask yourself if you want to be cyber resilient: 1. Are you willing to change what you have been doing? 2. Can you think of a better strategy? 3. Can you execute on your chosen solution? Bring together strategic, operational and tactical considerations to achieve the best cyber resilient roadmap.
3 – How to Better Response to Ransomware
Ransomware attacks are getting more sophisticated than ever. Particularly during the 2020’s pandemic the use of covid19 and related words are making users more exposed to these attacks. Here are eight ways to help defend your data against these growing cyberattacks.
Identify Attackers’ Ongoing Capabilities
Understand what ransomware attackers are doing inside a network and what they might still be capable of doing. Lock it down!
Expect Data Exfiltration
Put a plan in place on how to respond to data exfiltration. Attackers steal data so they can use that to put pressure on organizations to meet their demands.
Learn from Others’ Mistakes
The failure to detect attackers inside your network and give them the boot can have serious implications. Don’t assume that because your ransomware attack is resolved that the attackers aren’t still somewhere within your network.
Assume the Worst Scenario
Assume your network is already breached and monitor your data for any signs of compromise. By doing so, you have a window of opportunity to detect and neutralize ransomware attacks before they happen.
Agility is Key
Identify unusual traffic within the network first and thwart any attacks to soften the impact. Do not just watch for malware, be proactive and find traces of compromised assets at an early stage.
Monitor for Odd Events
Monitor “odd events” like binaries (aka LOLBins) with malware detection tools, web scanning tools and next generation firewalls, to quickly block known attacks as well as block users from connecting to known bad IP addresses.
Invest in a Secure Communications Channel
Always have a separate, secure communications channel as well as a walled-off storage channel to keep your data for any digital forensic investigations.
Do Not Restore, Rebuild
Think about how you rebuild your network and infrastructure rather than decrypting your current data and restoring it to eliminate the threat of another attack.
4 – Optimize your Cyber Crises Preparedness
Security breaches are a costly business problem – averaging nearly $4 million a year! When the worst-case scenario happens, an organization’s security team needs to be ready to think clearly and confidently to make the right decisions. Here are five ways to better prepare yourselves for a cyber-attack.
Empower your Cybersecurity Team
Cybersecurity is a company-wide issue, so empower the right people to ensure they can fight off advanced cyber threats.
Train and Training are Crucial
Simulated crisis situations are important to enhance learning by providing a valuable, real-time feedback loop by using context to make it applicable. Under this context cybersecurity training is the best way to keep professionals ready to act in case a breach happens.
Failure is a crucial part of building better individuals and teams. After a breach, debrief to learn from the mistakes and how to prevent the next attack.
Build gamification into a cyber-crisis simulation to improve engagement during the learning cycle.
Have data-driven insights in place and understand your team’s skillset. Remember – humans behind the computer are helping mediate breaches, not the technology alone. The technology will not prevent a breach if you cannot trust the people operating it.
Invest in Cybersecurity Training
Keep your cybersecurity teams and end-users trained and up to date is the best action to take to avoid cyber problems. The best response to attacks is to be ready and know how to act when they happen because they will at some point knock at your door.
In a fast-paced environment, investing in technical training is the best way to overcome the Cybersecurity challenges. At New Horizons Ireland we provide a wide range of Cybersecurity courses from different vendors and covering all paths that you might want to follow.
Talk to one of our Account Managers to check all your options and possibilities. New Horizons Ireland courses are available in a variety of modalities to attend your needs, such as online live, instructor-led in our Dublin classroom and Mentored Learning, which is a convenient way to attend your course at your own pace and availability.
*Sources for the above article: