It used to be that all you had to do to secure your network and protect your data was to create a technical barrier around it and you were good to go. Sadly, that’s not enough anymore. Cybercriminals have evolved their tactics and the technology that your people work with every day has changed too. You’re probably using more cloud apps and have your people working from more locations than ever before and cybercriminals would love to exploit the vulnerabilities that you don’t know are there.
The bottom line is that yesterday’s cybersecurity strategy isn’t going to address today’s risks. The layers of security that you need for a modern approach to security include some tactics that you may not have had before.
Essential Cybersecurity Layers
The following list of cybersecurity tactics should be considered a starting point for effectively managing cyber risks. Use the list to ask your IT team questions that may uncover gaps in how you’re defending your cyber territory.
1. Multi-factor Authentication (MFA)
MFA is all about identity management and it has become the single most effective tool that you can use to prevent a cyber-attack. MFA verifies that the user who’s trying to get into a network or account is really who they say they are.
Used in conjunction with good password management, MFA utilizes something that only the authentic user has access to – like a smartphone, an ID or a fingerprint – to gain access to an online account or computer.
2. Up-to-Date Systems
Cybersecurity (and IT management) best practices include keeping the hardware and software in your IT systems up to date. Never run software that has gone out of support – like Windows 7 – because it can’t be patched.
Newer software runs best on modern equipment and certain security controls can’t be implemented on older software and slower computers. You’ll find that newer software has plenty of built-in security capabilities and you’ll get the most out of apps like MFA and EDR on up-to-date systems
3. Cybersecurity Awareness Training
Your employees should have ongoing training to help them recognize and respond to cyber-attack attempts. Teaching people how to evaluate URLs, email addresses and common cybercriminal tactics will help them to become less susceptible to social engineering, and savvier about security.
Many attacks happen through valid email accounts that have been hacked. When this happens, an intruder could jump into an email stream and add a malicious link or attachment and spam filters wouldn’t catch it.
Cybersecurity awareness training teaches people what to look for and provides practice to spot business email compromise.
4. Simulated Phishing
Along with cybersecurity awareness training comes practice at recognizing fraudulent messages that ask recipients to click a link, download an attachment or do something they wouldn’t otherwise do – like transfer money. The user’s response to simulated phishing identifies those people who are more at risk for falling for a scam, and automatically follows up with more practice to develop better judgment.
5. Comprehensive Email Security
It’s much better to keep phishing emails from hitting your employees’ inboxes in the first place so having an advanced email spam filter is essential. Filters can be configured to handle suspicious emails in different ways, and you can set parameters for how you want the software to handle suspicious messages.
Spam filters also flag emails that are coming from outside of your organization so that if a message says “from your CEO” but it’s not really from your CEO, they’ll get a red flag that it’s a scam.
As mentioned previously, when cyber criminals can take control of a valid account, their moves can be difficult to spot, so you need email security that incorporates different layers of analysis and detection.
6. Endpoint Detection and Response (EDR)
An endpoint is anything connected to your network, be it a laptop, tablet, smartphone or IoT (Internet of Things) device. Endpoints are potential doors to your network and data, so you have to lock them down.
Endpoint security tools use Artificial Intelligence to actively look for and stop intrusions and hidden threats within the traffic coming and going from each device. The software also collects data to investigate intrusions so that security holes can be closed.
7. Gateway Security
Gateways monitor internet traffic going in and out of your network. A secure gateway prevents unauthorized removal of data and intercepts malicious files from entering. Gateways also scan data sent to your cloud applications and prevent employees from accessing compromised websites that can unload malware or impersonate web pages where people may unknowingly give away their login and password information.
8. Segregated Backups
If a cyber-attack takes over your network and that’s where your backups are located, that’s a big problem. Backups are only useful if you can get the files you need to restore your systems. The best practice is to have backups separate from the local network, and to have unique login credentials that aren’t used anywhere else on backup devices.
9. Patch Management
Cybercriminals actively look for backdoors in software that can give them entry to the computer that’s running the software. While bad guys are looking for these vulnerabilities, so are software developers and they release patches to close them up when they find them. In many cases patches can be applied automatically, but some oversight is necessary to make sure that everything is up to date and functioning properly
10. Cyber Insurance
No one can 100% guarantee that you’ll never have a cyber-attack so cyber insurance has become a must-have component of your cybersecurity strategy to cover costs incurred to stop the attack, clean up the mess, and get operations back up and running.
You’ll get the best rates on cyber insurance if you can show that you’re making an acceptable effort to manage cyber risks. What used to be considered a normal security posture is now considered weak, and you might not be able to get cyber insurance at all.
11. Secure Remote Access
Chances are good that you have more people working from home than you did pre-pandemic. Security for remote access can be accomplished with different processes, depending on how employees are accessing your network and information. If they’re using a remote desktop, make sure they’re connecting via a VPN. Other technologies to secure remote access include secure gateways like SSL. Whatever you’re doing to secure remote access, require MFA for accessing accounts.
12. Security Policies
The nontechnical part of cybersecurity is about how employees access information and use company equipment. Spell all your expectations for these behaviors out in your security policies. Your policies will be most effective when employees know what to do and understand the consequences for not following your policies. Training and reinforcement of behaviors are essential, as are consequences for neglecting them.
Not Sure If You’re Secure?
This list of cybersecurity basics isn’t an a la carte menu that you can pick and choose from. It’s a starting point and the foundation for additional security layers that you might need depending on your business and industry.
It takes every layer to set up an effective cybersecurity strategy. Use this list to start a conversation with your IT team to see if they have all your security bases covered. If what you hear doesn’t give you confidence, or you just want to get an objective perspective, contact us for a cybersecurity consultation.
At Bellwether, we’ve invested in the expertise and tools needed to build a solid cyber defense. We operate our own Security Operations Center (SOC) that is third-party verified for effective practices and processes.
Contact us for a cybersecurity assessment and find out if your organization is missing basic security layers and exposing you to more risk than you want or need.