Small-to-mid-sized organizations are increasingly vulnerable to cyber threats in the current business environment. The combination of employees working remotely or from home and organizations lacking the ideal technology resources to develop a robust security infrastructure has created the opportunity for cyberattackers to seek out easy targets.
Unfortunately, the targets in your organization are your people. Cyberattackers are looking for entry points using schemes such as phishing and ransomware to gain access to your systems, lift credentials, steal data and identities, and hold your systems hostage.
According to a recent survey of IT professionals, more than half of surveyed companies (53%) have experienced an increase in phishing activity since the start of the COVID-19 pandemic.
Phishing activity continues to grow because it’s easy and widespread. Bad actors will cast a wide net, targeting thousands of end-users with fake emails or social media messages in the hope of hooking just one target. Then, once an employee inadvertently gives a cyberattacker access to your systems, the bad actor could launch a ransomware campaign that holds your systems hostage until you pay to have them work properly again.
The question is how to avoid this undesirable scenario for your organization. There are key steps you can take right now to prepare your organization for a cyber attack. Let’s examine a few.
5 Keys to Preparing for a Cyber Attack
Consider these steps to proactively prepare to defend your organization against a cyber attack, rather than waiting for an attack to happen.
1. Realize That You Are Not Immune
One of the ways that bad actors take advantage of small-to-mid-sized organizations is by letting you develop a false sense of security. What type of cybersecurity events do you typically hear or read about? The big data breaches or cybersecurity events involving headline-grabbing organizations such as Equifax, Yahoo, and Adobe.
Or, more recently, there was a highly sophisticated attack on Microsoft’s on-premise email exchange system and a major hacking scheme against SolarWinds, one of the world’s premier security-focused organizations. What this says is that no one is immune, not even some of the largest and most technologically competent companies in the world.
Your file system may not contain the same level of data as 250 million Microsoft customer records, but bad actors are also looking for quick, easy scores. It’s time to get away from the line of thinking that a cyber attack won’t be launched against your organization because you’re not the size of Microsoft.
2. Practice Good Cyber Hygiene
One of the most practical steps that your organization can take to prepare for a cyber attack is to practice good Internet and computer hygiene. What does this look like for your organization?
- Set up prompts for employees to change passwords on a periodic basis.
- Utilize a verification system to ensure that passwords are complex. Consider a password manager tool to ease this process.
- Encourage employees not to use the same password for every log-in.
- Leverage a password manager to securely store passwords.
- Introduce two-factor authentication for critical system access points.
- Keep computers patched and healthy.
- Ensure that network equipment is patch-current.
The key point is that you don’t want a bad actor to be able to install something malicious. Making sure that systems are regularly updated and monitored is a step in the right direction.
3. Focus on Data Backups
Data backups are critical for recovering systems or data that are compromised should a bad actor gain access. There are many approaches to your backup strategy: everything from on-premise to cloud or some combination of the two. The key is to make sure your backups are working and that threat actors cannot gain access to them.
It is also a best practice to test your backup and recovery process. Periodically restoring files and folders from your backup locations as well as making sure your backup jobs are running successfully are important steps in your strategy. You don’t want the first time you test your recovery process to be during an attack or at a highly critical time.
4. Add System Alerts for Suspicious Activity
There are many tools available in the market to help detect suspicious activity and provide alerts if something foreign is loaded into your system. Most solutions can be scaled to fit the size of your business so that it does not become cost-intensive trying to track, monitor, and respond to every potential threat.
You need these alerts, though, so that your organization can respond as quickly as possible. You don’t want to find out weeks or months later that a bad actor has been snooping around your systems or lifting data from your database without detection. Be proactive so that you can reduce risk and minimize the impact of suspicious activity.
For work-from-home or remote set-ups specifically, you should have checks in place so that when an employee’s device connects to the VPN (virtual private network), it will run a check. If the check detects a problem (e.g. unsecured Wi-Fi), then the employee’s device won’t be allowed to connect to the network. This will help keep bad actors from leveraging a vulnerability.
5. Provide Training for Employees
As mentioned before, employees are your biggest risk. Developing an ongoing cyber security training and awareness program is critical and can be set up quickly and in a cost-effective manner. Consider providing training videos around the most common cyber threats in conjunction with phishing campaigns. A key component of these training sessions should be helping your employees focus their attention on what to look for in a phishing email attack.
The idea is to increase vigilance, sharpen each employee’s ability to scan for strange activity, practice spotting malicious emails in a controlled and safe environment, and ensure that the most common tactics stay top of mind for your team so that they can truly be an extension of your security team.
Socium Can Help Your Organization Prepare for a Cyber Attack
The relationship between employees and the devices they use is significant in today’s ultra-connected business environment. Your employees may be using 1, 5, 10, or more devices whether working on-site, remotely, or at home. This means an exponential number of devices and entry points to protect.
That’s why you need to work with a managed security solutions provider such as Socium to deliver a right-size solution to protect your systems and data. You may not have the budget, resources, time, or expertise to manage this in-house, which is where we come into play. We will help you prioritize where to spend time and budget preparing for a cyber attack so that you have an even spread of security coverage across the organization.
What’s the starting point? We often start with an audit of what you currently have in place. Many small-to-mid-sized organizations have a system that was set up but then forgotten about. It’s not managed. We can come in and perform an audit to establish an early baseline of current system capabilities. Then, we can maintain or improve on what you currently have.
Throughout the process, we’ll keep you updated on our findings and recommendations. We will then build a strategy and execute it to fit your current and future business needs. We have the expertise to deliver the strategy and the resources to manage the execution. We don’t hand this off to another team, so we can keep eyes and ears on protecting your organization at all times.
Contact us today to get started preparing your organization for a cyber attack. Let’s discuss your current technology capabilities to find the right path forward to support your employees and protect your systems.