[BreachExchange] Beef Up Your Cybersecurity, No Second Thoughts Please!

Inga Goddijn inga at riskbasedsecurity.com
Tue Sep 4 08:48:08 EDT 2018


https://hackercombat.com/beef-up-your-cybersecurity-no-second-thoughts-please/


More and more companies today are getting targeted by hackers. Thus, in the
current scenario, it becomes really important that companies make
themselves secure. Every organization today needs to ensure that every
single individual in the organization is aware of what all needs to be done
to ensure proper security. The management and every single worker in any
organization ought to be doing everything that’s needed to ensure maximum
cybersecurity. There should be no second thoughts about ensuring
cybersecurity, just go on and do it!

HackerCombat discusses, in the present context, the basic things that
organizations, especially the key players in all organizations, need to
emphasize to their employees, in order to make cybersecurity a reality.
Here we go:

*Passwords- They’re very important!*
Passwords have a very important role to play when it comes to
cybersecurity, be it for companies or for individuals. Every individual in
an organization should be made aware of the importance of passwords and
password management. The passwords- all of them- should be strong; they
should all be changed regularly. Today, companies have realized the
importance of two-factor authentication as well; they are encouraging
two-factor authentication, for additional security. Yes, it’s definitely
good to opt for two-factor authentication, for enhanced security.

*Stay vigilant about phishing scams*
Every employee in an organization needs to be reminded to stay vigilant
about phishing scams. It’s through phishing scams that most hackers manage
to plant malware on organizational network. It could be one wrong click by
an employee that could result in a malware getting in and wreaking havoc on
the whole network. The hackers can get away with loads of data- corporate
data as well as sensitive personal data of the customers. Every single
individual in a company needs to be taught not to click on any link or
attachment in an email unless they are confident it’s from a trusted source
and is safe. There should be a standard operating procedure that would want
every email address to be verified before an attachment is downloaded or a
link clicked upon. New employees should also be made aware of such
procedures and must be educated on who all are regular contacts and who
not. Thus they could spot suspicious emails as and when they come.

*Lock systems and devices*
All employees in an organization should lock their systems or any mobile
device which they use for work (personal as well as company-provided ones)
with passwords or codes. They should also develop a habit of locking their
systems while moving away.

*Check for updates, download them*
The IT department employees in an organization should always check for
security updates and other software updates. Whenever the updates are
available, they should download them. It’s these updates that keep systems,
devices and networks secure. So it’s important for a dedicated IT staffer
or a manager to ensure that all updates are downloaded on time.

*Have a strategy and the personnel required, use security software*
Survey reports indicate that only 50 percent of small businesses today have
a clear cybersecurity strategy. It’s important for any business, small or
big, to have a well-planned, clear cybersecurity strategy. The whole
organizational network, all devices connected to it, all application used
etc have to be secured. There must be a plan for that, a definite strategy
that’s perfectly implemented. A company should also have the personnel who
can take care of the security aspect; if there’s no dedicated employee, a
consultant’s services can be hired. Similarly, an organization today must
spend on getting all those security software that’s required to secure its
assets and business.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180904/72431997/attachment.html>


More information about the BreachExchange mailing list