“We’re nearing the end of the fourth quarter. How can I prepare for 2021 and enhance my cybersecurity plan?”
For organizations that did not make cybersecurity a top priority in 2020, it is not too late. As organizations evaluate, finalize, and formalize their plans and budgets in Q4 for the beginning of Q1, so, too, should they consider cybersecurity. When cybersecurity is included in the business plan, cyber threats are at a disadvantage. Consider these 5 “to dos” for the upcoming year to straighten your cybersecurity posture:
- Include Cybersecurity in the Budget. Cyberattacks are the number one threat to every business in the economy right now, but is a subordinate entry in most, if not all, budget plans. Cybersecurity shouldn’t be a line item under IT or general risk management. That particular move is an outdated and dangerous practice due to the sophistication of threat groups today. Cybersecurity needs to be properly funded, and successfully budgeted. In order to make cybersecurity an organizational priority, it needs to have proper funding.
- Review Internal System Inventory. Conduct a system inventory of all company-owned infrastructure for your team so they can quickly respond to incidents. It is important that critical systems are accounted for and properly protected. Take the opportunity in Q4 to update and dispose of outdated systems as they present the most vulnerable. As unrelated as it may sound, this also means clearing your inbox. Since Business Email Compromise (BEC) remains the leading cause for the exfiltration of Personal Identifiable Information (PII) and sensitive information, poor email hygiene can result in the leakage of sensitive client information.
- Test Backups. Backups live on corporate networks. Whether your organization has had to use backups or not, it is very important backups are tested frequently. It is vital they can easily and securely be accessed during recovery operations. When an incident occurs, backups need to be reliable. They serve as your lifeline in many incidents as every minute counts. If backups are not immediately functional and you experience an attack, your organization can crumble. It is also important to “clean” your backups from unknown malware, such as TrickBot or Dridex.
- Refine Corporate Policies. Instill a zero-tolerance program for credential sharing and reuse. Employees should not be sharing credentials and passwords with one another in any situation. Having a password manager for all employees to use is essential. Employees will have the visibility to understand and correct their security dashboard, which indicates the accounts with the same credentials and passwords. It will also assist employees to practice cyber hygiene and choose generated, approved passwords. As a result, when an incident occurs, no other account(s) will be compromised because credential sharing and repetition has been eliminated.
Conduct a Cybersecurity Review. Employees are not the only ones who need an annual review. A cybersecurity plan does also. During the review, understand and communicate on your defenses, strategies, and the responding technical teams, legal counsel, and cyber insurance carrier. If you have a cybersecurity provider, ask them how they are staying ahead of threat development and technology. In this moment, double check your environment is being monitored 24/7/365. Cyberattacks happen at any hour of the day, and it is necessary your security provider can provide rapid response.
As we progress through the new year, things will continue to change in the cyber realm. The one constant that remains is the adaptation to the times. New vulnerabilities, methods, and vectors are being exploited and utilized by threat actors every day, which means we must find a way to defend them. One way our engineers will continue to approach the changes is by constantly studying and understanding the threats that exist. Recurring and enhanced cybersecurity certification renewals are achieved by our security staff as their knowledge of the threats on the horizon expands.
Most users of modern technology are aware of updates taking place on their devices or machines, and in the same breath, we must continue to update our operations and investigative cycles to accommodate our partners. The ShadowSpear® Platform we created is a cyber counterintelligence platform that helps protect our partners by giving them full visibility of their risk profile and instant communication with engineers who are stationed in our SOC 24 hours a day, should a threat arise.
If you’re having trouble thinking of a New Year’s resolution, jot down cybersecurity. Plan to provide yourself with a sense of comfort knowing you’ve done all you could to keep your organization protected.