Ransomware and other cyber attacks continue to escalate. Bad actors continually create more sophisticated attacks and can be ruthless in carrying out extortion and data theft. We must all be vigilant and constantly increase protections. Security is a complex topic and good security requires many layers. But it all starts with developing and managing your Security Plan. Company leadership and IT leadership must have a plan that includes a regular review and upgrade of your security protections on at least an annual basis. Below is a high-level cybersecurity checklist to help you achieve and maintain good cyber hygiene.
Strategic Business Technology Review Meetings & Security Risk Assessments
Business leaders must meet with their IT team (internal and/or outsourced) at least annually to review their technology strategy and plan. This review must include a risk assessment so that mitigation effort goes first to the most likely, highest-impact risks. Cybersecurity is never “finished.” We must constantly strengthen our defenses to keep pace with ever-increasing threats.
Proactive Monitoring, Patching, Security Updates
All systems must have the latest security patches. This inherently requires that operating systems and applications are kept current: software that has reached end of life receives no security updates, so it cannot be patched no matter how well the update process runs. Your IT team should automatically monitor your systems for issues and perform automated updates. This must be followed up by strong review and auditing processes that compare what is actually installed against the vendor's current release, so that nothing slips through the cracks, for example a laptop that was powered off when the update job ran.
Cyber Liability Insurance Review
Review your cyber liability, crime and other relevant policies with your insurance agent to further mitigate your risks. Expect underwriters to have you perform a thorough analysis of your IT security practices and report the results on your application. Take the underwriters' questions seriously and perform upgrades where appropriate. Also, to avoid the risk of a future claim being denied, ensure that every response on your insurance application is completely accurate; a misstated control (for example, claiming multi-factor authentication is enforced everywhere when it is not) can become grounds for denying the claim when you need coverage most.
Data Breach and Cyber-Attack Response Plan
It’s human nature. You will not be thinking clearly when a disaster strikes. Adrenaline will kick in. Blood pressure will rise. It is essential that you calmly and thoroughly think through your Emergency Response Plan far in advance of any future incident, keep a printed copy with out-of-band contact details for your IT team, insurer, legal counsel and law enforcement (e-mail and shared drives may be the very systems that are down), and rehearse it at least once a year with a tabletop exercise. So, when the worst happens, you will take a deep breath and begin to follow your plan. A solid response plan will minimize the impact to your business and your stress level.
Ransomware Backup and Disaster Recovery Plan
Ransomware continues to be a significant threat. Increasingly, ransomware will seek out and delete or encrypt your backups before encrypting your production data, and an attacker holding administrator credentials can do the same by hand. Ensure that your data is backed up and recoverable in the event of the most sophisticated attacks. Review the protections in place to segregate your backups from the day-to-day data: at least one copy should be offline or immutable (write-once media or object storage with a retention lock), reachable only with credentials that are not shared with the production domain. And always verify, verify, verify your backups. A backup job that reports success is not a verified backup; verification means restoring to a test system, confirming the restored data is intact, and timing the restore against how long your business can afford to be down.
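To make “verify” concrete, here is an added example (not code from the original article) of the simplest form of integrity verification: a SHA-256 manifest taken when the backup set is written, checked later against the files actually on disk. The directory layout, file names and the simulated tampering are constructed for the example, and in practice the manifest would be stored off-host, on media or an immutable bucket the backup server cannot write to.

```python
"""Hash-manifest verification of a backup set (added example, constructed data)."""
from __future__ import annotations

import hashlib
import os
import tempfile
from pathlib import Path

CHUNK = 1 << 20  # read in 1 MiB chunks so multi-GB backup files never load whole into memory


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(backup_dir: Path) -> dict[str, str]:
    """Map every file in the backup set (relative POSIX path) to its SHA-256 digest."""
    return {
        p.relative_to(backup_dir).as_posix(): sha256_file(p)
        for p in sorted(backup_dir.rglob("*"))
        if p.is_file()
    }


def verify_backup(backup_dir: Path, manifest: dict[str, str]) -> dict[str, list[str]]:
    """Compare the backup set on disk against the manifest recorded at backup time.

    The manifest must live somewhere the backup host cannot write to (offline media,
    an immutable object-store bucket, a separate account). A manifest stored next to
    the backups can simply be rewritten along with them.
    """
    current = build_manifest(backup_dir)
    report: dict[str, list[str]] = {"ok": [], "modified": [], "missing": [], "unexpected": []}
    for rel, digest in manifest.items():
        if rel not in current:
            report["missing"].append(rel)
        elif current[rel] != digest:
            report["modified"].append(rel)
        else:
            report["ok"].append(rel)
    # Files present on disk but absent from the manifest: ransom notes, dropped tools, etc.
    report["unexpected"] = sorted(set(current) - set(manifest))
    return report


def demo() -> tuple[dict[str, list[str]], dict[str, list[str]]]:
    """Constructed scenario: a clean verification, then one after simulated ransomware."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp) / "nightly"
        (backup / "db").mkdir(parents=True)
        (backup / "db" / "customers.sql").write_bytes(b"INSERT INTO customers VALUES (1, 'Acme');\n" * 100)
        (backup / "fileserver.tar").write_bytes(os.urandom(4096))
        manifest = build_manifest(backup)  # in practice written at backup time and stored off-host

        clean = verify_backup(backup, manifest)

        # Simulated ransomware: one file overwritten in place with ciphertext-like bytes,
        # one ransom note dropped. Neither is a legitimate change to a finished backup set.
        (backup / "db" / "customers.sql").write_bytes(os.urandom(4096))
        (backup / "README_RESTORE_FILES.txt").write_text("Your files are encrypted...\n")

        tampered = verify_backup(backup, manifest)
        return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("clean run:     ", before)
    print("after tampering:", after)
```

This catches silent corruption and in-place encryption of the backup files, which a “job completed” status never will. It is not a substitute for an actual restore test, and it is only as trustworthy as the separation between the manifest and the backup host: an attacker who can rewrite both has defeated it, which is exactly why the credentials for the backup copy must not be the production domain's.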
Security Awareness Training
Employees accidentally clicking on a phishing e-mail or downloading an infected file or malicious application remains one of the most common ways cybercriminals get into systems. Training your employees frequently is one of the most important protections you can put in place. Implement plans to inform and remind your employees to be on high alert and reduce their likelihood of clicking on the wrong e-mail or succumbing to other scams. Short, frequent sessions backed by simulated phishing work better than a once-a-year slideshow, and the most valuable outcome is employees who report a suspicious message quickly (a one-click report button in the mail client helps) without fear of blame.
Adult content, online gaming, gambling and file-sharing sites for movies and music are among the most heavily visited categories online, often during the workday, and they are prime hunting grounds for malicious advertising, fake downloads and credential-harvesting pages. These are sites you do not want your employees visiting during work hours on company-owned devices. Enforce this with an acceptable-use policy backed by technical controls (DNS or web-proxy category filtering) rather than policy alone, because an employee who reaches an infected website exposes your network regardless of intent.
Policies and Protocols
Security and compliance start with strong policies and protocols. Your cybersecurity checklist will be exhaustive – including secure remote access, physical security policies, mobile device policies, etc. Designate a security officer and expect policy administration to be a significant component of your plan.
If your business is seeking NIST SP 800-171 compliance or Cybersecurity Maturity Model Certification (CMMC), you need an organized system to accurately track and document your progress and procedures in order to pass an assessment for certification.
Managed Threat Detection
Consider a 24×7 Managed Threat Detection Service (SOC/SIEM) that proactively hunts for potential threats and incidents, validates them, and has a human team initiate action to disrupt, contain and neutralize them. Review monthly reports of all activity found and resolved, and ask specifically about false-positive rates and time to respond, because a service that only forwards raw alerts adds noise rather than protection. If you have on-premises servers, a SOC/SIEM is strongly recommended.
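What a SOC/SIEM does at the automated layer is correlation: turning individual log lines into an alert that a human then validates. As an added illustration (not the article's code or any vendor's detection rule), the Python below applies one such rule to constructed sshd-style log lines: five or more failed logins from one source within two minutes raise a medium alert, and a successful login from that same source while the burst is still inside the window is escalated to high. The log format, host names, addresses and thresholds are all assumptions made for the example.

```python
"""Sliding-window brute-force correlation over auth log lines (added example, constructed data)."""
from __future__ import annotations

import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a generic sshd-style syslog format. They are made up
# for this example and do not come from any real system. The first source guesses
# five times and then gets in; the second is a user mistyping a password once.
SAMPLE_LOG = """\
2024-03-04T09:14:01Z web01 sshd[2201]: Failed password for admin from 203.0.113.7 port 51000 ssh2
2024-03-04T09:14:03Z web01 sshd[2201]: Failed password for admin from 203.0.113.7 port 51001 ssh2
2024-03-04T09:14:05Z web01 sshd[2201]: Failed password for root from 203.0.113.7 port 51002 ssh2
2024-03-04T09:14:06Z web01 sshd[2201]: Failed password for backup from 203.0.113.7 port 51003 ssh2
2024-03-04T09:14:08Z web01 sshd[2201]: Failed password for admin from 203.0.113.7 port 51004 ssh2
2024-03-04T09:14:11Z web01 sshd[2201]: Accepted password for admin from 203.0.113.7 port 51005 ssh2
2024-03-04T09:20:00Z web01 sshd[2310]: Failed password for jsmith from 198.51.100.23 port 40000 ssh2
2024-03-04T09:31:00Z web01 sshd[2388]: Failed password for jsmith from 198.51.100.23 port 40001 ssh2
2024-03-04T09:31:30Z web01 sshd[2388]: Accepted password for jsmith from 198.51.100.23 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse(line: str) -> dict | None:
    """Normalize one log line into an auth event, or None if it is not one."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
        "host": m["host"],
        "result": m["result"],
        "user": m["user"],
        "src": m["src"],
    }


def detect(lines, threshold: int = 5, window: timedelta = timedelta(seconds=120)) -> list[dict]:
    """Correlation rule: `threshold` or more failures from one source within `window`.

    Counting is per source address regardless of user name, so a single host spraying
    one password across many accounts is caught too. A success from the same source
    while the burst is still in the window is escalated: that is the pattern of a
    guess that worked, and it is what an analyst should validate and contain first.
    """
    recent_failures: dict[str, deque[datetime]] = defaultdict(deque)
    already_alerted: set[str] = set()
    alerts: list[dict] = []

    for line in lines:
        ev = parse(line)
        if ev is None:
            continue  # unrelated line; a real pipeline routes it to other rules
        q = recent_failures[ev["src"]]
        while q and ev["ts"] - q[0] > window:  # age out failures older than the window
            q.popleft()

        if ev["result"] == "Failed":
            q.append(ev["ts"])
            if len(q) >= threshold and ev["src"] not in already_alerted:
                already_alerted.add(ev["src"])  # one alert per burst, not one per line
                alerts.append({
                    "rule": "brute_force", "severity": "medium",
                    "src": ev["src"], "host": ev["host"], "user": ev["user"],
                    "count": len(q), "first": q[0], "last": q[-1],
                })
        else:  # Accepted
            if len(q) >= threshold:
                alerts.append({
                    "rule": "success_after_failures", "severity": "high",
                    "src": ev["src"], "host": ev["host"], "user": ev["user"],
                    "count": len(q), "first": q[0], "last": ev["ts"],
                })
            q.clear()  # a successful login ends the burst either way
            already_alerted.discard(ev["src"])
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

Two things this small rule makes visible. First, the threshold and window are judgement calls: too tight and the jsmith typo becomes an alert nobody wants, too loose and a patient attacker stays under it. Second, the rule keys on the source address, so an attacker rotating through many addresses (a distributed password spray) needs a second pivot on user name or target host. Writing, tuning and triaging rules like this around the clock is the work you are buying from a managed detection service; the containment step after the high alert is the human part.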