Six steps for preventing a cybersecurity attack
Being the target of a cybersecurity attack is a matter of when, not if. Companies can prepare themselves by enhancing IT security and education and knowing their network.
Let’s face facts: sooner or later the hackers will come for you. Don’t let yourself think that you don’t have anything that they want. Everyone has something of value. What can companies do to protect their network and even their reputation? Consider these six steps to prepare yourself and reduce your attack surface.
Step One – Enhance IT security
Train the employees in the company and make them aware of what they can do to help protect the network. Tell them the evils that are out there and what to look for. But put a positive spin on it. Don’t make the mistake of saying that 80% of people click on this evil link. Then the message is that the majority of people do it, and people tend to follow the majority. Instead say, “Good users don’t click on links like this.” Also, you need to know who your users are, when they normally log in and from where. Monitor the network for small anomalies.
Step Two – Revisit architecture
Look at your network from a different point of view, as a hacker would. If you were going to attack your network, what weak points would you look for? Be brutally honest with yourself. Don’t be afraid to bring in a third-party penetration tester to test your network security. When it comes to your network configuration, consider micro-segmentation of your network, with each department or group on its own subnet. This will make it more difficult for a hacker to move around your network, should they get past your firewall.
Step Three – Know what is on your network
Map the networks, discover all the devices connected to the network and know where the networks touch each other and the internet. Know the configuration of every router, switch, wireless access point, computer, printer, etc. that is connected to your network. Implement alerts when the configuration of one of those devices changes.
Step Four – Create and enforce cybersecurity policies and procedures
If the company created cybersecurity policies and procedures two years ago and has not updated them since, the procedures are likely out of date. Review and update cybersecurity policies and procedures and then share and explain them to employees. If no one knows they exist or if they don’t understand them, they will be impossible to enforce.
Step Five – Patch and update
Microsoft and other vendors release security updates for a reason, and it is not just so they can send you an e-mail on Patch Tuesday. As soon as your company becomes aware of a security-related patch or update, start planning when and how the patch will be implemented and how to mitigate the risk while you wait to install it.
Step Six – Detect unknown threats
Know your users and know your network. Look for anomalies, new devices or new hosts on the network. With change management processes and procedures in place, you should be aware of any change on your network before it happens. Any change in a user’s sign-on activities should be questioned. Don’t be afraid of upsetting the users; they will be more upset if you get hacked.
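One way to implement the baseline checks from Steps Three and Six, as an added example that is not part of the original article: compare a stored inventory against a fresh scan and alert on new devices, missing devices and configuration changes that no change ticket covers. The device names, configuration text and the `approved_changes` parameter are constructed for illustration.

```python
import hashlib

def fingerprint(config_text):
    """SHA-256 of a config, ignoring blank lines and trailing whitespace."""
    lines = [ln.rstrip() for ln in config_text.splitlines() if ln.strip()]
    return hashlib.sha256("\n".join(lines).encode()).hexdigest()

def compare_inventory(baseline, current, approved_changes=frozenset()):
    """Return (alert_type, device) tuples for unapproved differences.

    baseline, current: dict of device name -> configuration text.
    approved_changes: devices covered by a change-management ticket (assumed input).
    """
    alerts = []
    for dev in sorted(current.keys() - baseline.keys()):
        alerts.append(("NEW_DEVICE", dev))
    for dev in sorted(baseline.keys() - current.keys()):
        alerts.append(("MISSING_DEVICE", dev))
    for dev in sorted(baseline.keys() & current.keys()):
        if fingerprint(baseline[dev]) != fingerprint(current[dev]):
            alerts.append(("CONFIG_CHANGED", dev))
    # A change announced through change management is expected, not an anomaly.
    return [a for a in alerts if a[1] not in approved_changes]

# Constructed sample data: device names and config lines are illustrative only.
BASELINE = {
    "sw-core-01": "hostname sw-core-01\nvlan 10 name finance\n",
    "ap-lobby-02": "ssid corp\nencryption wpa2\n",
    "prn-hr-01": "ip 10.20.0.15\n",
    "wap-annex-03": "ssid corp\nencryption wpa2\n",
}
CURRENT = {
    "sw-core-01": "hostname sw-core-01  \n\nvlan 10 name finance\n",  # whitespace only
    "ap-lobby-02": "ssid corp\nencryption none\n",                    # unapproved change
    "prn-hr-01": "ip 10.20.0.15\nfirmware 2.1\n",                     # approved change
    "unknown-7f3a": "",                                               # not in baseline
}
APPROVED = {"prn-hr-01"}

if __name__ == "__main__":
    for alert_type, device in compare_inventory(BASELINE, CURRENT, APPROVED):
        print(f"ALERT {alert_type}: {device}")
```

Hashing a normalized copy keeps whitespace-only differences from raising alerts, and the approved list keeps planned changes from drowning out the unexpected ones.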