Best Practices in Cybersecurity
Cybersecurity remains a top priority for small and large companies alike. For a large company a data breach can cost millions of dollars in lost revenue; for a small company it can mean financial ruin. The number of cyberattacks continues to increase every year. Security threats are constantly evolving, but the following cybersecurity best practices can help protect your company, customers and employees.
TOP 5 Best Practices
1. Develop a Prevention, Detection, and Response Plan
Network intrusions have become a fact of corporate life, and are increasingly viewed as a cost of doing business. A damaging breach needs to be detected, contained, and remediated. All companies, large and small, should have a strategy in place to ensure that there is a means to identify security breaches that occur. This may include the periodic review of log files or the creation of alerts for repeated access attempts from unauthorized users or IP addresses. Network hardening techniques (measures that reduce the vulnerability of a computer system) should be incorporated to control access. This should lessen the risk of a breach occurring and limit the extent of damage should a breach occur. Companies should consider implementing stronger user authentication (such as two-step authentication using passwords and physical or biometric credential validation); segregating systems or networks to limit access; placing restrictions on the use of removable storage media; using tiered access to information; and adding strong encryption of sensitive data.
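One concrete form of the "alerts for repeated access attempts" mentioned above is a sliding-window count of failed logins per source address. The following is an added example and not part of the original article: it parses a handful of constructed OpenSSH-style auth log lines (the addresses are from documentation ranges, and the year is assumed because syslog omits it) and raises one alert when a single source reaches five failures within sixty seconds. The threshold and window length are assumptions chosen for illustration; a real deployment tunes them to its own baseline.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log lines (not taken from any real system). The format loosely
# follows an OpenSSH auth log; syslog omits the year, so parsing assumes one below.
SAMPLE_LOG = """\
Mar 10 08:00:01 host sshd[1001]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2
Mar 10 08:00:03 host sshd[1001]: Failed password for invalid user admin from 203.0.113.5 port 51023 ssh2
Mar 10 08:00:04 host sshd[1002]: Failed password for root from 203.0.113.5 port 51024 ssh2
Mar 10 08:00:06 host sshd[1003]: Failed password for root from 203.0.113.5 port 51025 ssh2
Mar 10 08:00:07 host sshd[1004]: Failed password for alice from 198.51.100.7 port 40000 ssh2
Mar 10 08:00:08 host sshd[1005]: Failed password for root from 203.0.113.5 port 51026 ssh2
Mar 10 08:00:09 host sshd[1006]: Accepted publickey for alice from 198.51.100.7 port 40001 ssh2
Mar 10 08:20:00 host sshd[1007]: Failed password for bob from 198.51.100.7 port 40002 ssh2
Mar 10 08:20:01 host sshd[1008]: Failed password for bob from 198.51.100.7 port 40003 ssh2
Mar 10 08:20:02 host sshd[1009]: Failed password for bob from 198.51.100.7 port 40004 ssh2
Mar 10 08:20:03 host sshd[1010]: Failed password for bob from 198.51.100.7 port 40005 ssh2
Mar 10 08:20:04 host sshd[1011]: Failed password for bob from 198.51.100.7 port 40006 ssh2
"""

# Matches only failed-password events; successful logins and other noise are ignored.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port"
)


def parse_failed_logins(log_text, year=2024):
    """Yield (timestamp, user, ip) for each failed-password line in the log."""
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue
        # Collapse the double space syslog uses for single-digit days before parsing.
        ts_text = " ".join(m["ts"].split())
        ts = datetime.strptime(f"{year} {ts_text}", "%Y %b %d %H:%M:%S")
        yield ts, m["user"], m["ip"]


def detect_bruteforce(log_text, threshold=5, window_seconds=60, year=2024):
    """Return one alert per source IP whose failed logins reach `threshold`
    within any `window_seconds` span (threshold and window are assumed values).

    A per-IP sliding window is used so that an old, isolated failure does not
    count against a later, unrelated burst from the same address.
    """
    recent = defaultdict(deque)  # ip -> deque of (timestamp, user) still inside the window
    alerts = []
    for ts, user, ip in parse_failed_logins(log_text, year):
        dq = recent[ip]
        dq.append((ts, user))
        # Evict failures that fell out of the window relative to this event.
        while dq and (ts - dq[0][0]).total_seconds() > window_seconds:
            dq.popleft()
        # Fire exactly once per burst: at the moment the threshold is first reached.
        if len(dq) == threshold:
            alerts.append({
                "ip": ip,
                "count": len(dq),
                "users": {u for _, u in dq},
                "first": dq[0][0].isoformat(),
                "last": ts.isoformat(),
            })
    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce(SAMPLE_LOG):
        print(f"ALERT {a['ip']}: {a['count']} failed logins for {sorted(a['users'])} "
              f"between {a['first']} and {a['last']}")
```

Run against the sample, the detector raises two alerts: one for 203.0.113.5, which cycles through two usernames in seven seconds, and one for 198.51.100.7, whose earlier single failure at 08:00:07 is correctly evicted before its later burst is counted. Each alert is the kind of event the prevention, detection and response plan should route to a human or an automated response.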
2. Implement NIST Framework Infrastructure
The National Institute of Standards and Technology (NIST) is a small agency in the Department of Commerce. NIST is a crucial player in the White House’s Cybersecurity Strategy and Implementation Plan (CSIP), which tasks NIST with recommending ways for federal agencies to recover from cyber events. The NIST Cybersecurity Framework consists of five concurrent and continuous functions: Identify, Protect, Detect, Respond, and Recover¹. When considered together, these functions provide a high-level, strategic view of the life cycle of an organization’s management of cybersecurity risk.
In an environment where cyber threat information is not readily available, organizations struggle to understand how much security is enough, which sometimes leads them to implement unnecessary cybersecurity protections. Through the use of the Framework, standards of care can be established for each critical infrastructure sector. Organizations can leverage these standards to determine the appropriate level of security protections required, ensuring efficient use of security budgets.
3. Cybersecurity Awareness and Training
The risk of a cyber attack on companies continues to grow, as our highly connected world creates more opportunities for cyber criminals. Many organizations invest heavily in technical controls to protect their computer systems and data. However, most of these technical controls are rendered useless because employees lack cybersecurity awareness training. Employees take risks online, and this greatly increases cyber-related risks to their organization. Risky activities by employees include opening suspicious emails and not protecting sensitive information stored on, or transmitted from, their computers. In fact, low security awareness among employees remains one of the greatest inhibitors to defending against cyber threats. It is important to address the mounting resource needs associated with changing demographics and to prepare the workforce with the skills required to meet evolving needs.
4. Schedule Periodic Assessments of Your Technology Systems
Companies should review their technology systems on a periodic basis to identify potential vulnerabilities and to calculate the impact of any breaches that could occur. The assessment should cover the location, access and storage procedures for any information the firm collects, and should include an analysis of the actual need for any information collected and stored. Along with identifying risks, the company should ensure that it has appropriate security and controls in place, including strong firewalls and limited access to external systems. The assessment should validate that all technology security patches are installed and functioning properly, and that no breaches or unauthorized access attempts have occurred since the previous assessment.
5. Ensure Physical Security
Apart from ensuring the internal security of the network, you need to think about the physical security of your organization. Unless your premises are fully secured, an intruder can simply walk in to obtain the information they seek. Hence, alongside technical security, you must also ensure that your organization's physical security mechanisms are fully functional and effective.
Hopefully these best practices provide a useful guideline for keeping your business safe. There are other resources as well, like HIPAA, PCI DSS and ISO², that offer standards which can further improve the cybersecurity of your business.