Do you know what it takes to secure your business from cyber attacks and criminals? Buckle up, because in this course, you will learn the basic cybersecurity standards you need to be implementing in your organization.
Cybersecurity is all about protecting what’s yours. You can lose a lot if you don’t make security a priority. Your identity, your business, and the ability to provide for family or employees can be lost in a flash.
But implementing and improving security standards doesn’t have to be rocket science. Keep reading to learn about some different types of cybersecurity threats and how you can prevent them.
Why Does Cybersecurity Matter?
You may be wondering why you should care about cybersecurity. Why should it be a priority for your business? Well, in this digital age, new cyber threats are popping up all the time. And to protect your business, you must protect your data.
You are at risk. Most, if not all, businesses handle and store data. And if you hold data, you are liable for that data. According to cybersecurity laws, you are the custodian of that data. And because you are the custodian, if that data gets breached, it’s on you.
So, businesses and leaders need to be extremely careful and understand what types of risks are out there.
Let’s start with infrastructure security.
When most people imagine cybercriminals, they picture someone sitting in a dark room by themselves behind several monitors trying to hack into your network. In reality, that might not be the case.
It’s more likely coordinated and sophisticated attacks from what are called “server farms.” A server farm is just a group of networked servers housed in one location – typically a big warehouse. And criminals pay a lot of money to maintain these server farms.
What happens is, in a very sophisticated approach, these servers are scanning multiple computers and networks to try and find a hole. Once the servers find a weak spot, that’s when your typical image of a cybercriminal comes into play.
This hacker will try and exploit this vulnerability and gain access to your network.
So, the first thing you want to do when making improvements to your cybersecurity is to perform a penetration test. An external penetration test will check in on your network from – you guessed it – an external perspective.
It will give you a picture of what criminals see when they look at your network and when server farms scan your systems. Depending on the results of your test, you can determine if you have any weak spots in your network that could make you a potential target.
Internal Breach Detection
Another important thing is internal breach detection. Unfortunately, cybersecurity often isn’t a technical issue – it’s a human one.
Most cybersecurity breaches occur because a human made a mistake.
To help mitigate this risk, you should be utilizing internal breach detection software. There are a lot of great options out there that will observe your network. If an employee or someone else has accidentally (or purposefully) done something wrong and is sending out data, the software will notify you.
Next is firewalls. One of the most common questions companies ask us is if they need a firewall.
The answer is simple: yes. Every organization should have a firewall.
If you don’t have a firewall, you are basically leaving your digital front door wide open for criminals.
When you are buying a firewall, there are a few things you will want to consider:
- Intrusion Prevention – Sophisticated firewall brands will offer intrusion prevention that passes any information on bad actors to all of the firewalls in their network.
- Dynamic Blacklisting – All firewalls have rules that allow certain activities or types of information to enter while blocking others. But sometimes, things can get past these rules. With dynamic blacklisting, once a firewall notices a problem, it will automatically blacklist it.
- Content Filtering – A firewall that allows you to filter and block inappropriate sites or activities is something you will want to look for when making a purchasing decision.
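To make the “intrusion prevention” and “dynamic blacklisting” bullets concrete, here is a small simulation written for this course page; it is not any firewall vendor’s code. A static rule set blocks a port outright, a shared threat feed (modelling the vendor network passing on bad actors) pre-populates a blocklist, and a source that trips a signature three times within a window is blacklisted automatically so its later traffic is dropped even when it looks normal. The event list, thresholds and IP addresses are constructed for the example.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

# Constructed sample of connection events: (time_seconds, source_ip, dest_port, matched_signature).
# Addresses come from documentation ranges; matched_signature marks events that hit a
# hypothetical intrusion-prevention signature.
SAMPLE_EVENTS = [
    (0, "203.0.113.7", 443, False),
    (1, "198.51.100.9", 22, True),
    (2, "198.51.100.9", 23, True),
    (3, "198.51.100.9", 3389, True),
    (4, "198.51.100.9", 443, False),   # normal-looking, but the source is now blacklisted
    (5, "203.0.113.7", 80, False),
    (6, "192.0.2.55", 445, False),     # hits the static rule
]


@dataclass
class Firewall:
    static_deny_ports: set = field(default_factory=lambda: {445})
    threshold: int = 3          # signature hits that trigger dynamic blacklisting...
    window_seconds: int = 60    # ...when they fall inside this sliding window
    dynamic_blacklist: dict = field(default_factory=dict)   # source_ip -> time added
    recent_hits: dict = field(default_factory=lambda: defaultdict(deque))

    def ingest_threat_feed(self, sources, now):
        """Shared intelligence: sources reported by other firewalls are blocked before they connect."""
        for src in sources:
            self.dynamic_blacklist.setdefault(src, now)

    def evaluate(self, now, src, port, matched_signature):
        """Decide one event, returning (decision, reason), and update the dynamic state."""
        if src in self.dynamic_blacklist:
            return "deny", "dynamic-blacklist"
        if port in self.static_deny_ports:
            return "deny", "static-rule"
        if matched_signature:
            hits = self.recent_hits[src]
            hits.append(now)
            while hits and now - hits[0] > self.window_seconds:   # drop hits outside the window
                hits.popleft()
            if len(hits) >= self.threshold:
                self.dynamic_blacklist[src] = now
                return "deny", "dynamic-blacklist-added"
            return "deny", "signature"
        return "allow", "default"


def process(events, firewall=None):
    """Run events through the firewall; return per-event decisions and the final state."""
    fw = firewall if firewall is not None else Firewall()
    decisions = [(src, port, *fw.evaluate(ts, src, port, hit)) for ts, src, port, hit in events]
    return decisions, fw


if __name__ == "__main__":
    decisions, fw = process(SAMPLE_EVENTS)
    for row in decisions:
        print(row)
    print("dynamic blacklist:", sorted(fw.dynamic_blacklist))
```

The point to notice is event 4: a plain HTTPS connection from 198.51.100.9 is refused because the earlier signature hits put the source on the dynamic list, which is exactly what the static rules alone would have let through.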
Now that we’ve talked about infrastructure, we can talk about software. There are various software options you can choose to have on your network for protection. A few software options we like are:
Microsoft Azure Security Center
Microsoft Azure Security Center is a type of software that helps you properly maintain a secure server. With Azure Security Center, you can use templates, rules, and setup wizards to maintain a secure system. It’s only $15 a month per server, and it will automatically and continually create reports for you.
Another product we recommend is Cloudflare. Cloudflare is a type of software that will help protect you from getting hacked if you have internet-facing websites or exterior-facing applications. It helps by protecting your IP address. If a hacker can get their hands on your IP address, they can do a lot of damage. Cloudflare uses algorithms and encryption to stop people from capturing your IP address.
Ransomware is a big issue businesses face today. It’s a very sophisticated type of attack, and if you aren’t protected, it could cost your business thousands of dollars, if not more. With Sophos Intercept X, you can help protect your business from ransomware for only $3 a user.
Moving on, let’s dive into email security. Email is one of the biggest tools hackers can use to gain access to your site. To keep your email secure, it’s a good idea to implement the following practices.
If you are going to communicate sensitive information over email, you need to use encryption. This is not just a recommendation; this is the law. All cybersecurity laws require that sensitive information sent over email is encrypted.
Use a Spam Filter
Using a spam filter might sound simple, but it’s critical to stop unwanted material from coming in. With more sophisticated spam filters, you can even set up geo-filtering. With geo-filtering, you can filter and block anything from specific regions.
For example, if you have a plumbing business in Utah, you most likely aren’t going to need to be receiving emails from outside of the United States. With geo-filtering, you can set it up to only allow emails from your desired regions.
Run a Blacklist Check
On top of using encryption and a spam filter, when it comes to email security, you will also want to run a blacklist check.
A blacklist check will help you determine if your domain (executech.com, for example) has been blacklisted. Being blacklisted will interrupt your ability to send email. You should check your status once or twice a year, and a great tool to use is MXToolbox.
Check Your Overall Security Posture
Check Your Security Score – To determine if you need to improve your email security, you can use simple tools like Microsoft’s Secure Score or Google’s Security Checkup app. These tools will give you an idea of how secure your system is and if you need to make any changes.
Next up is account configuration. A key component of cybersecurity is how you configure the accounts of users that have access to your system. Remember, you are a custodian of data, and you need to make sure everything is set up correctly. A couple of things to keep in mind when providing access to users are:
- Creating User Trails – If your industry is regulated, you will need to provide auditable trails of user creation and activity. Information on how a user was created, who approved that user to be created, and when a user was removed are all important. You will also need to do some quarterly reviews to make sure everything is in order.
- Setting Up Two-Factor Authentication – With two-factor authentication, users will need to provide additional information to prove their identity. This information adds another layer of protection for your organization and can help block a significant number of problems.
- Maintaining Good Password Practices – Nearly every account now requires passwords with eight complex characters, including different capitalization, numbers, and special characters. On top of these rules, you will want to make sure accounts lock after five incorrect password attempts and expire every quarter.
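The three bullets above describe one account-management policy, so here is a worked implementation of it added for this page (it is not code from the course author or any product): an auditable trail of who requested, approved and removed each user, a complexity check for the eight-character rule, a lockout after five failed attempts, a quarterly (90-day) password age limit, and a helper that surfaces what a quarterly review should look at. Usernames, dates and the in-memory directory are constructed for the example.

```python
import hashlib
import os
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta

MIN_LENGTH = 8
MAX_FAILED_ATTEMPTS = 5
PASSWORD_MAX_AGE = timedelta(days=90)   # "expire every quarter"


def password_policy_violations(password):
    """Return the rules a candidate password breaks; an empty list means it complies."""
    checks = [
        ("length", len(password) >= MIN_LENGTH),
        ("uppercase", re.search(r"[A-Z]", password) is not None),
        ("lowercase", re.search(r"[a-z]", password) is not None),
        ("digit", re.search(r"[0-9]", password) is not None),
        ("special", re.search(r"[^A-Za-z0-9]", password) is not None),
    ]
    return [name for name, ok in checks if not ok]


def hash_password(password, salt):
    # Slow, salted hash; the password itself is never stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Account:
    username: str
    salt: bytes
    password_hash: bytes
    password_set_at: datetime
    failed_attempts: int = 0
    locked: bool = False


@dataclass
class Directory:
    accounts: dict = field(default_factory=dict)
    audit_log: list = field(default_factory=list)   # the "user trail" an auditor asks for

    def _audit(self, when, event, **details):
        self.audit_log.append({"when": when.isoformat(), "event": event, **details})

    def create_user(self, username, password, requested_by, approved_by, when):
        violations = password_policy_violations(password)
        if violations:
            raise ValueError("password violates policy: " + ", ".join(violations))
        salt = os.urandom(16)
        self.accounts[username] = Account(username, salt, hash_password(password, salt), when)
        self._audit(when, "user.created", user=username,
                    requested_by=requested_by, approved_by=approved_by)

    def remove_user(self, username, removed_by, when):
        del self.accounts[username]
        self._audit(when, "user.removed", user=username, removed_by=removed_by)

    def login(self, username, password, when):
        """Return "ok", "denied", "locked" or "password-expired"; counts failures and locks."""
        acct = self.accounts.get(username)
        if acct is None:
            return "denied"
        if acct.locked:
            return "locked"
        if hash_password(password, acct.salt) != acct.password_hash:
            acct.failed_attempts += 1
            self._audit(when, "login.failed", user=username, attempt=acct.failed_attempts)
            if acct.failed_attempts >= MAX_FAILED_ATTEMPTS:
                acct.locked = True
                self._audit(when, "account.locked", user=username)
                return "locked"
            return "denied"
        acct.failed_attempts = 0   # a good login resets the counter
        if when - acct.password_set_at > PASSWORD_MAX_AGE:
            return "password-expired"
        return "ok"

    def quarterly_review(self, now):
        """What the quarterly check should surface: locked accounts, stale passwords, recent events."""
        return {
            "locked": sorted(u for u, a in self.accounts.items() if a.locked),
            "expired": sorted(u for u, a in self.accounts.items()
                              if now - a.password_set_at > PASSWORD_MAX_AGE),
            "events_last_quarter": [e for e in self.audit_log
                                    if datetime.fromisoformat(e["when"]) > now - PASSWORD_MAX_AGE],
        }


if __name__ == "__main__":
    d = Directory()
    t0 = datetime(2024, 1, 15, 9, 0)
    d.create_user("alice", "Correct-Horse-9", requested_by="bob", approved_by="carol", when=t0)
    for i in range(6):
        print("wrong password attempt", i + 1, "->", d.login("alice", "guess", t0 + timedelta(minutes=i)))
    print(d.quarterly_review(t0 + timedelta(days=91)))
```

Keeping the audit entries as plain records with a timestamp, an event name and the people involved is what makes the quarterly review answerable from the log rather than from memory.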
Data Loss Prevention
Data loss prevention, or DLP, is a term we hear more and more. DLP is a security control that blocks certain actions when it comes to data. DLP can be as strict as not allowing any access to data outside of certain areas, or you can set up rules for specific data, like credit card information.
You can block data from being downloaded or printed, or put restrictions on the number of times it can be downloaded or printed. Whatever rules you choose, DLP can give you more control over your data.
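Here is an added example of the kind of rule set the two paragraphs above describe, written for this page rather than taken from any DLP product: it detects credit card numbers in content (13 to 19 digits that pass the Luhn check, so order numbers and phone numbers are not flagged), blocks printing and external e-mail of anything containing one, caps downloads per user, and can redact the numbers. The sample document, user names and limits are constructed; 4111 1111 1111 1111 is a widely used test card number, not a real account.

```python
import re
from collections import Counter
from dataclasses import dataclass

# 13-19 digits, optionally separated by spaces or dashes, as card numbers usually appear in text
CARD_CANDIDATE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

# Constructed sample: one real-looking card number and one 16-digit order number that is not a card
SAMPLE_DOC = ("Refund for order 1234567890123456 approved.\n"
              "Customer card on file: 4111 1111 1111 1111, exp 12/29.")


def luhn_valid(digits):
    """Luhn check-digit test: real card numbers pass it, most random digit runs fail it."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                    # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def _card_digits(match):
    digits = re.sub(r"[ -]", "", match.group())
    return digits if 13 <= len(digits) <= 19 and luhn_valid(digits) else None


def find_card_numbers(text):
    """Return the card numbers (digits only) found in the text."""
    return [d for d in (_card_digits(m) for m in CARD_CANDIDATE.finditer(text)) if d]


def redact(text):
    """Mask all but the last four digits of each detected card number."""
    def mask(m):
        digits = _card_digits(m)
        return "*" * (len(digits) - 4) + digits[-4:] if digits else m.group()
    return CARD_CANDIDATE.sub(mask, text)


@dataclass
class DlpPolicy:
    allow_print: bool = False           # "block data from being ... printed"
    max_downloads_per_user: int = 3     # "restrictions on the number of times it can be downloaded"
    allow_external_email: bool = False


class DlpEngine:
    def __init__(self, policy):
        self.policy = policy
        self.downloads = Counter()
        self.log = []

    def check(self, user, action, content):
        """Return (decision, reason) for a user attempting an action on some content."""
        cards = find_card_numbers(content)
        if not cards:
            decision = ("allow", "no-sensitive-data")
        elif action == "print" and not self.policy.allow_print:
            decision = ("deny", "print-blocked")
        elif action == "email-external" and not self.policy.allow_external_email:
            decision = ("deny", "external-transfer-blocked")
        elif action == "download":
            if self.downloads[user] >= self.policy.max_downloads_per_user:
                decision = ("deny", "download-limit")
            else:
                self.downloads[user] += 1
                decision = ("allow", f"download {self.downloads[user]}/{self.policy.max_downloads_per_user}")
        else:
            decision = ("allow", "no-rule")
        self.log.append((user, action, len(cards), *decision))   # keep a record for review
        return decision


if __name__ == "__main__":
    engine = DlpEngine(DlpPolicy())
    print(find_card_numbers(SAMPLE_DOC))
    print(redact(SAMPLE_DOC))
    for action in ("print", "download", "download", "download", "download", "email-external"):
        print(action, "->", engine.check("alice", action, SAMPLE_DOC))
```

The Luhn filter is what keeps the rule from firing on every long number in an invoice; without it the policy would block routine documents and users would quickly find ways around it.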
Backups are critical to successful data management. When you are reviewing your cybersecurity protocols, make sure you have a good backup system in place.
One element of a good backup plan includes using images. Images are replicas of your server taken nightly or in real-time – whatever you set up. Images go beyond data backup by taking an exact snapshot of your server or computer. This snapshot includes configuration settings, security settings, and more.
Another thing to consider when it comes to cybersecurity is regulatory compliance. No matter what industry you are in, you are most likely regulated. In many states, including Utah, all organizations have to comply with minimum cybersecurity laws. Some common compliance regulations are:
- The Payment Card Industry Data Security Standard (PCI DSS) for organizations that take credit card payments and data.
- The Health Insurance Portability and Accountability Act (HIPAA) for organizations in the medical field.
- The Red Flags Rule requires many businesses to implement a written identity theft prevention program to detect, prevent, and mitigate damages from identity theft.
- The National Institute of Standards and Technology (NIST) is a non-regulatory agency that provides general guidelines to follow to keep things cyber secure.
- SOC 2 is a service organization compliance measure for organizations in the financial industry or servicers of financial information.
Like we mentioned above, many problems in cybersecurity are not technical but human. Your team is critical. Without the right intelligence and education, your organization’s cybersecurity will never be as strong as it could be.
One of the first things to consider is if your organization has a chief information security officer (CISO). Many organizations do, but if you are a smaller business, you may not. If your organization doesn’t employ a CISO (or sometimes even if it does), you might want to consider an MSSP. An MSSP is a managed security service provider that focuses specifically on your business’s security, taking care of some of your needs.
Whether you use an MSSP or not, we recommend you perform social engineering tests on your teams. A social engineering test is designed to test employees’ understanding and adherence to security policies and practices. One check may be sending out an email intended to replicate a phishing email to see if your employees fall for it.
The results of your social engineering tests can help you identify how well your team is trained on cybersecurity and where improvements need to be made. Then you can set up cybersecurity trainings at your organization and even retest employees to see how well they learned.
It’s Up to You
Last but not least, cybersecurity ultimately comes down to you. What are you doing to secure your business?
If you are not becoming keenly aware of how dangerous the digital world is today, you are a risk for your organization. Whether you are an employee or the owner, everyone plays a role in cybersecurity.
Use everything you learned in this course to improve cybersecurity practices at your organization and educate others on the importance of security. You can send this course to your co-workers or download our slides here to run them through a training on your own. But remember, these are just the basics. These tips don’t cover everything when it comes to cybersecurity, so you may need to do even more to protect your organization.