National Cyber Security Awareness Month: Week 2

Week 2: October 9-13 Theme: Cybersecurity in the Workplace is Everyone’s Business

Creating a culture of cybersecurity is critical for all organizations-  large and small businesses, schools, nonprofits, and government agencies – and must be a shared responsibility among all employees.  One of the most alarming statistics in Cyber insurance is that 80% of all events are caused by one’s own employees.  Week 2 will showcase how organizations can protect against the most common cyber threats.

Small businesses, schools, nonprofits, and government agencies are most at risk with the expected lack of resources, either physically or financially, to combat the risk like large corporations can.  Since there are multiple threats they face, they must focus their efforts towards mitigating the top threats likely to cause them the most harm.

These threats are as follows:

  • Ransomware events
  • Cyber Crime losses
  • Business interruption expenses

Here are some basic tips designed to help your clients reduce their risk to the occurrence of these events, and are only a few of several actions which can be implemented.

 

RANSOMWARE EVENTS

Since most Ransomware events occur due to unintentional employee negligence, some good advice for IT personnel to consider is following these tips:

  • Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
  • Keep all software up to date, including operating systems and applications.
  • Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
  • Back up all information to a secure, offsite location.
  • Segment your network: Don’t place all data on one file share accessed by everyone in the company.

 

CYBER CRIME EVENTS

How do you try to avoid becoming a victim of a phishing attack?

There is a lot of valuable information on this topic, and implementing procedures and processes that can do a great job of mitigating the exposure points costs no money.  However, implementation is only successful if practiced properly.

Here are a few simple things to always remember:

  • Avoid clicking on links unless they were specifically requested. If you want to click a link you received, open up a new email and write the person back in a new message and ask if they sent the link.
  • Set a limit on the amount of money that can be electronically transferred.
  • Never open up any kind of attachment from sources you do not know.
  • Any message that requests for you to disclose any piece of personal information is suspicious. Never give out any personal information in response to a request for such.

 

BUSINESS INTERRUPTION EVENTS

Most businesses do not compute the cost of business interruption into other events that occur to their organizations.  They often do not correlate the down time expense with the event causing the down time. There are three costs associated with the non-physical business interruption event, regardless of the cause of the interruption:

  • Income loss– These are the dollars you lose because the website does not work, the widgets are not being made, the service is not being performed, etc.
  • Interruption expenses– These are the static costs of operating business that still must be paid during an interruption, such as employee costs, lights, rent, and so forth.
  • Extra expenses– These are the costs you incur to set up new systems to operate during the interruption, or costs to hire extra employees to enter data, etc.

The best defense against experiencing prolonged BI expenses is to have a disaster recovery plan in place, which is continuously reviewed and updated.  Elements of the disaster recovery plan should include at least these areas of focus:

Backups– The best defense against data recovery trouble is to have proper backup procedures in place.  Two important notes regarding data backups:

  • Protect your cloud Office 365 – This suite deserves unique mention because it is so widely adopted, with an estimated 50,000 small businesses added each month. Microsoft does permanent removal of deleted files after 14 days, generally before someone realizes that they deleted something they need again, and recovery within that 14-day window can take days. This means that O365 users need to setup their own backup system. The best tools offer self-service recovery capabilities for quick restores.
  • Ransomware resistant – Ransomware developers target Windows servers because of their large numbers. This is especially true among SMBs companies, as they specifically target those least likely to have good defenses. To keep from being a victim, backup appliances should be Linux-based, and ransomware resistant.

Disaster Recovery Processes- Disaster Recovery-as-a-Service, (DRaaS) is the ability to recover application and business performance on remote infrastructure after cyber-attacks, accidents, or natural disasters. This capability includes not just data storage but system settings pre-positioned to be deployed in the event of a disaster declaration. This capability can occur in remote corporate locations or in a public cloud.

Implement these DR Best Practices:

  • Automatic -Implementing disaster recovery should not depend on someone manually starting recovery, especially if they are from potentially failed servers. After you lose your servers, your DRaaS provider should be able to spin up your remote infrastructure in minutes.
  • Service Level Agreements (SLA) – It is important to have an SLA with your DR supplier. Not only does this give leverage to demand quick action, it is also a sign that the supplier is confident to offer compensation if they do not meet their standards.
  • Testing– While we all hope that we will never need our disaster recovery tools, hope is not a strategy. IT needs to ensure that if a disaster is declared, systems will work as planned. In fact, many federal and industry regulations such as HIPAA and SOX mandate regular testing to ensure compliance. Written proof of test results is common. However; superior testing should actually simulate the DR process up to, but just before applications are deployed.

A lot more information on these subject is available and credited to the article found at this link:  https://www.drj.com/articles/online-exclusive/the-evolving-challenge-of-cybersecurity.html

Look for more useful information in next week’s review of Week 3 of Cyber Security Awareness Month.

Comments are closed.