Best practices for cyber preparedness at businesses

Cyberattacks may be the greatest threat to your business today. 

All businesses may be vulnerable, regardless of size or sector, public or private. Cybercriminals won’t ignore a company with a smaller market cap or fewer employees. They cast a wide net, and they don’t discriminate.

You are very likely aware of the landscape — cyber extortion/ransomware attacks like WannaCry and Petya/NotPetya are just a couple of high-profile cyberattacks. But, awareness may not be enough if we do not truly know how to protect our company’s assets.

Are you absolutely certain that you are protected against a cyberattack? 

We have some advice which can increase your cyber risk resilience with proper preparation.


Inventory systems.

Do you know what software and hardware are connected to your network? Is anything out of date or out of service and no longer receiving updates? If cybercriminals find such systems, they can use them as a way in; they will likely know exactly what to do, and that their target can’t fix it. Businesses should regularly take inventory of every asset, application and piece of software connected to their infrastructure. Anything out of date or unused should be removed immediately.
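As an added illustration (not part of the original article), the Python sketch below reviews an asset inventory and flags the three conditions named above: out of service, out of date, and unused. The column names, the sample rows and both thresholds are assumptions made for the example.

```python
import csv
import io
from datetime import date

# Constructed sample inventory; hosts, products and dates are hypothetical.
SAMPLE_INVENTORY = """\
asset,product,end_of_support,last_patched,last_seen
web-01,ExampleOS 10,2027-06-30,2025-01-10,2025-02-01
files-02,ExampleOS 7,2023-01-15,2022-12-01,2025-02-01
kiosk-03,ExampleOS 10,2027-06-30,2024-03-05,2025-01-30
lab-04,ExampleDB 4,2026-12-31,2024-12-20,2024-06-11
"""

def review_inventory(csv_text, today, patch_window_days=90, unused_days=180):
    """Return {asset: [reasons]} for every asset that needs attention.

    The two thresholds are assumptions to tune, not values from the article.
    """
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        reasons = []
        # Out of service: the vendor no longer ships fixes for this product.
        if date.fromisoformat(row["end_of_support"]) < today:
            reasons.append("end of support passed")
        # Out of date: no patch has been applied within the allowed window.
        if (today - date.fromisoformat(row["last_patched"])).days > patch_window_days:
            reasons.append("patches overdue")
        # Unused: not seen on the network for a long time, candidate for removal.
        if (today - date.fromisoformat(row["last_seen"])).days > unused_days:
            reasons.append("appears unused")
        if reasons:
            findings[row["asset"]] = reasons
    return findings

if __name__ == "__main__":
    for asset, reasons in review_inventory(SAMPLE_INVENTORY, date(2025, 2, 1)).items():
        print(f"{asset}: {', '.join(reasons)}")
```

In practice the CSV would come from whatever discovery or asset-management export the business already has; the value is in running the review on a schedule so that lapsed systems surface before someone else finds them.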

Maintain and manage software.

Generally, when a software company sends out a patch, it means there is a vulnerability in its product — one that, without the patch, cybercriminals might exploit. Depending on how many assets a business has, updating and testing can take anywhere from hours to months; during that time, the system remains vulnerable. Businesses must define a process, then, to ensure patches are applied promptly. This is part of limiting software’s attack surface — the areas where vulnerabilities lie — or “hardening” the business’ systems.

Regularly scan the environment.

Cybercriminals constantly scan the internet to find potential targets, and businesses should do the same. By scanning their infrastructure, they can identify and eliminate previously unknown exposures. Large organizations in particular may not be able to inventory the countless assets that connect to their main infrastructures. Regular scans can uncover a new web server or different software even at remote sites.

Implement a user security policy.

Employees are, arguably, a company’s best asset. But they can also be its weakest link. Employees are the ones, after all, who share passwords over social channels, click on shady or suspect links and visit unauthorized sites. Their poor choices will render even multimillion-dollar security technology ineffective. And criminals know this, targeting employees through phishing and other scams. To help reduce the vulnerabilities introduced by human error, companies should manage endpoints like laptops and smartphones, and leverage antivirus software and a secure configuration policy that eliminates high-risk actions.

Follow the principle of “least privilege.”

It’s convenient to give everyone in an organization access to everything, but businesses can’t do that without exposing themselves to risk. To follow the principle of least privilege, businesses would grant employees just enough user rights to do their jobs. To gain more access, employees would be required to authenticate themselves. Here, an identity and access management system can help, ensuring that the right individuals have access to the right resources at the right times and for the right reasons.

Implement network security solutions.

Antivirus software is like a flu shot: It’s not 100 percent effective (not all attack signatures are known), but something is better than nothing. In addition to antivirus, businesses should consider monitoring their networks 24/7 and implementing third-party DDoS protection. Companies should also develop a strategy for end-to-end data encryption to protect the information within that data.

Properly segment networks.

To limit an attack’s damage, businesses must identify their most critical assets and data, separate them from less critical assets and implement strict access control. This is akin to a speed bump: Segmenting an organization’s network may not stop an attack, but it could slow it down.

Ensure backup-and-recovery capabilities.

In the event of a cyberattack — especially one involving a virus or ransomware — businesses should have a literal backup plan. System downtime can be expensive — mere minutes could cost thousands of dollars. It’s essential, then, for businesses to implement a policy for backing up and recovering data and to invest in tools that automate regular backups and enable data recoverability testing. 

Insure your losses.

Cyber insurance can play a key role in cyber preparedness. Generally, this risk transfer approach should be used in conjunction with all the controls and processes offered here. No protection is perfect, after all, and should a sophisticated attack render you non-operational, then you’ll need a way to offset the associated costs. To get started with a customized insurance policy, a business will need to provide a complete and truthful picture of its vulnerabilities. Only then can a carrier properly perform risk quantification and pricing, and the business can be confident it’s protected itself at every point.

Vulnerability to breaches and other cyberattacks may be the price of doing business: Successful mitigation and cyber risk resilience begin when a business acknowledges this fact and does all it can to prepare for the inevitable. Remember: It’s not if a cyberattack occurs, it’s when. Businesses that embrace this reality and prepare early may find themselves a step ahead of the bad guys.

Simply being aware of cyber risk may not be enough!

For more information on cyber preparedness and risk consulting services, please contact MapleTech.

Adapted from AIG