[BreachExchange] How To Ensure A Robust Cyber Security Ecosystem For Your Business

Audrey McNeil audrey at riskbasedsecurity.com
Mon Jan 8 20:22:24 EST 2018


Employees in small businesses in the United States alone number 28.8
million, according to the United States Small Business Administration.
Businesses that have fewer than 500 employees represent 99.7% of all
business entities in the United States, employing over 56.8 million people.
The prevalence of small businesses makes them an ideal target for

The world took notice in May of 2017, when the ‘WannaCry’ virus swept the
globe. Cyber security and data protection are considered among the most
concerning factors in today's digital and green world for businesses.
Hackers most frequently target the vulnerable businesses still using
yesterday's cyber security strategies and tactics.

To be safe from any malicious attacks, an SME should consider the following
points for strengthening cyber security measures in 2018:

1. Establish a High-Quality Firewall

The software is called a ‘firewall’ for a reason. It limits the exposure of
your network and big data, hardware and software to hackers. It works by
performing a scrupulous scan of all information contained within network
traffic, and filters unknown sources, websites or email addresses that may
have been flagged with search engines for suspicious activity.

Much of IT security revolves around limiting, or eliminating, malicious
access to your business data. A firewall is an intricate set of strict
rules that creates a strong filter, reducing your risk of cyber security
breaches. No network (big or small) should be operating without an
Intrusion Prevention Service (IPS), which scans traffic to reduce exploit
attempts from third-parties on your network.

2. Update Security Software Frequently

How many times have you ignored the update requests on your own personal
technology devices? While it can feel like an inconvenience to have to run
updates on your system or equipment, they are a powerful ally in your cyber
security arsenal. Updates provide new security patches for known viruses,
allowing your network to ramp up against whatever malicious code is
circling the globe and infecting networks.

If you own a small business, don’t rely on staff to manually accept and
install updates. Your IT provider should have the network scanned multiple
times per day (and during off hours) to detect security threats and apply
updates automatically. Every computer on the network should be updated the
moment that a new security risk is identified.

3. Develop Internal IT Security Policies for Employees and Vendors

Many seemingly harmless activities on a small business network can create
opportunities for hackers and cyber criminals to access your confidential
information. One of the easiest ways for malicious code or other network
exploits to access your business is through third-party software downloads.
Employees need to be trained to avoid behaviors that present a significant
risk of criminal exploitation, including the downloading of videos, ‘free
music’ files, or desktop games from unknown publishers.

4. Create an Incident Response Plan (IRP)

While you are doing all that you can to reduce your risk of hacking and
attacks against your network, it is important to plan for ‘what comes
next’, and train key IT personnel and managers about how to report, react
to and recover from a cyber-attack.

The elements that a successful IRP should include are:

- Designation of key staff who will be working on the incident.
- Indication of valuable data and server locations.
- Security scan protocols (full system check).
- Evaluation of impacted data and confidentiality breach (if any).
- Communications debrief on press releases, and responses from media.

Your IRP should be practiced frequently, the same way that a fire drill is
practiced, to provide confidence for business owners that in case of an
emergency, staff will know the appropriate next steps to manage the
situation. An incident response plan will cut reaction time, limit
potential damage and help your company get back to business again.

5. Eliminate Third-Party Software Downloads on the Network

An eye-catching screen saver may have been ‘free to download’, but it can
be packed with malicious code aimed at stealing valuable product, brand,
financial or consumer contact information. Your average employee can’t tell
if an app or similar download will represent a threat to the security of
your business network.

The bring your own device (BYOD) phenomenon for meetings and public use of
the network allows criminals access through your LAN or WAN. Employees and
vendors who will be using their own hardware to access the internet through
your SMB network should only have access to Wi-Fi on their personal devices
when a separate guest network has been established.

6. React (Even If You Aren’t Attacked)

According to data reported by the U.S. National Cyber Security Alliance (in
partnership with Symantec) 20% of small businesses experience a
cyber-attack on an annual basis. Of the small businesses that
experience a moderate to serious security exploitation, 60% close
their doors permanently within six months of the event due to liability and
recovery costs.

7. Data Back-Up and Archival

No matter what data storage systems you have, or how secure you feel your
business' IT infrastructure is, one of the most important things is to make
sure that you have an automated backup. For added security, that backup
should not be onsite (in case of flooding or a fire), but can
rely on one of many secure electronic data storage services.

The United States Congress reported that in 2016 there were more than 14
million small businesses hacked in the U.S. alone, indicating that it is
not only the large business multinationals that are a target.

While large corporations have the capital to invest in state-of-the-art
firewalls and cyber security hardware and software, cyber criminals prefer
to target small businesses where it's easier to gain access to customer
credit card numbers, dates of birth and other personal identifiers that can
be bought and sold on ‘the dark web’.

If you suspect your business may have been exploited, or if you feel
someone is trying to gain access to your software or hardware, don’t delay.
React even if you are not under attack, before the malicious code, DDoS,
has a chance to spread throughout your network.