1. Business Continuity
Be proactive about threats and risks by planning what to do if disaster strikes. Having backup data sources is crucial, as they are often the last line of defence when you need to recover, whether the cause is technical or human. All data should be backed up multiple times throughout the day, and the backup system should be non-Windows based to prevent ransomware, breaches and other Microsoft viruses. If the server gets infected, an IT professional will have to restore it, which may take two to three days. Ask your IT firm to conduct a security assessment of your network and its vulnerabilities every year. After the assessment, you can figure out how best to manage your risk. Consider getting cyber insurance, as everyone is at risk, whether you are a big or small company.
2. User training
Employees should be given training updates at least quarterly, as cybersecurity is always changing. Monthly or weekly updates are highly recommended, but quarterly is the bare minimum. In the case of ransomware and data breaches, timeliness is everything. Ransomware is now being used as a distraction to cover up a breach. Those who see a ransom note become concerned with the ransom, not realizing that there is a breach going on as well. User training is key to spotting the earliest signs of suspicious activity.
3. Next Gen Endpoint Protection
This is protection software that prevents infections by continually learning about malware so that it can detect and block suspicious behaviour, rather than waiting for it to inflict damage. It does not rely on an anti-virus signature to combat malware. It also offers mitigation, remediation and forensics.
4. Data encryption
To encrypt data is to convert it from a readable form to an encoded version that can only be viewed with a decryption key. If your company's data is encrypted and there is a breach, you don't even have to report the breach because no data was lost. However, this is a double-edged sword that must be adequately managed. Encryption will prevent a breach, but it will not prevent ransomware from occurring. Even if you encrypt your data, a scammer can re-encrypt it using a different key.
5. SIEM (security information and event management)
A SIEM collects logs that track everything going on within the system. Instead of making you look at a million log entries, it sends only the notifications that look suspicious. This is becoming more important because firewalls and antivirus work well against known attacks, but we need to consider that unknown attacks may be happening as well. It is a great solution for regulatory-minded companies, as it checks all the boxes and helps them stay protected in a more heavily regulated environment.
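The SIEM behaviour described above, combined with the point in section 2 that ransomware can be a distraction from a breach, sketched as an added example (not code from this article or from any SIEM product). The log format, event names and thresholds are assumptions made for the illustration; the rule reduces the log to one alert per host with a burst of file renames and notes whether that host sent an unusual amount of data out beforehand.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (time, host, event, value); not from a real system.
SAMPLE_LOG = """\
2024-05-01T09:00:05 ws12 login_ok alice
2024-05-01T09:10:00 fs01 net_out_bytes 120000
2024-05-01T11:30:00 ws07 net_out_bytes 50000
2024-05-01T13:02:00 fs01 net_out_bytes 900000000
2024-05-01T13:20:00 fs01 net_out_bytes 1400000000
2024-05-01T14:05:10 fs01 file_renamed q1.xlsx.locked
2024-05-01T14:05:11 fs01 file_renamed q2.xlsx.locked
2024-05-01T14:05:12 fs01 file_renamed q3.xlsx.locked
2024-05-01T15:00:00 ws07 file_renamed a.doc.locked
2024-05-01T15:00:20 ws07 file_renamed b.doc.locked
2024-05-01T15:00:40 ws07 file_renamed c.doc.locked
2024-05-01T16:00:00 ws12 file_renamed notes.txt
"""

# Assumed thresholds; tune them to the environment.
RENAME_BURST = 3                     # renames on one host within BURST_WINDOW
BURST_WINDOW = timedelta(seconds=60)
EXFIL_BYTES = 1_000_000_000          # outbound volume treated as unusual
LOOKBACK = timedelta(hours=6)        # how far back to look for outbound data

def parse(log):
    # Log text is assumed to be in chronological order.
    for line in log.strip().splitlines():
        ts, host, event, value = line.split(maxsplit=3)
        yield datetime.fromisoformat(ts), host, event, value

def correlate(log):
    """Return one alert per host showing a rename burst, noting prior outbound volume."""
    renames, outbound = defaultdict(list), defaultdict(list)
    alerts, alerted = [], set()
    for ts, host, event, value in parse(log):
        if event == "net_out_bytes":
            outbound[host].append((ts, int(value)))
        elif event == "file_renamed" and host not in alerted:
            renames[host] = [t for t in renames[host] if ts - t <= BURST_WINDOW] + [ts]
            if len(renames[host]) >= RENAME_BURST:
                sent = sum(b for t, b in outbound[host] if ts - t <= LOOKBACK)
                kind = "ransomware_with_possible_breach" if sent >= EXFIL_BYTES else "ransomware_activity"
                alerts.append({"host": host, "time": ts.isoformat(), "kind": kind, "bytes_out": sent})
                alerted.add(host)
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOG):
        print(alert)
```

On the sample, twelve log lines become two alerts, and only the file server's alert is escalated as a possible breach behind the ransomware.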