If you’re looking to build your cyber defenses, here are some areas that you should consider taking a look at when you are coming up with your strategy for mitigating cyberthreats in your environment. Now that you know more about the cyber threat arena, you may have a better idea of prioritizing the following cyber defense mechanisms in your environment.
User education and awareness
Users are one of the most significant weaknesses in coming up with a cyber defense strategy, as we can see by the threat landscape. Investing in programs to aid user education and awareness will never be wasted funds. Many organizations often overlook this area since it can be harder to measure and is less tangible than other defense mechanisms.
Network Security
The network is, of course, another central focal point for hackers, as you can see by many types of threats. Investing in network security is a great way to get started in ensuring you can mitigate these threats. A strong network is an excellent defense against hackers. Penetration testing is a must when it comes to figuring out the weaknesses in your network, and it is often best done by a neutral third party. Sometimes we can be blinded to faults when we’re used to seeing the same networks and systems.
Malware prevention
Preventing malware is a great way to protect your assets. This, of course, ties back to user awareness and training, but software tools can help you prevent malware from getting into your network. Think basics like ensuring all endpoints have antivirus and antimalware software installed on them and more advanced systems to help stop malware in its tracks.
Removable media controls (3-2-1 Rule)
In the backup world, we like to talk about the 3-2-1 Rule to help protect data. Stated, the 3-2-1 Rule means you should have 3 copies of your data on 2 different media types, with 1 being off site. This helps protect you if your primary data (or even your primary site) is compromised.
Secure configuration
There are so many different software pieces that make a business run, not to mention software that controls hardware! In all cases, your software or hardware vendor likely has something they call a hardening guide or a list of secure configuration best practices. It is always a good idea to make sure your components are configured with security in mind.
Managing user privileges
Since we know our users are often the target of so many cyberthreats, it is essential to manage user privileges. You may have also heard of the principle of least privilege. This means that we need to ensure that our users ONLY have the permissions they need to perform their essential job functions, nothing more, and no privileges that are just nice to have. There should always be a business driver for granting users additional rights.
Incident management
Unfortunately, it isn’t if you have a cyber incident in your environment, but when you have a cyber incident. That is why it is so important to have cyber incident management processes in place so that crucial personnel know precisely what to do in the case of an incident. At the core of incident management are quick responses designed to mitigate risk and damage.
Monitoring
Be sure you’re monitoring your environment, from your network to your servers to even your backup environment. A sound monitoring system can help you determine if a cyber incident has already started or will occur. For example, suppose you’re monitoring backups and see they are suddenly larger and taking longer than expected. In that case, that could be a sign that ransomware is beginning to encrypt your data.
Home and mobile working
It is imperative to have policies on home and mobile working since so many are taking advantage of technology advances. Be sure to have a clear policy on what activities are allowed on corporate devices, even at home. Furthermore, if you have a BYOD policy, make sure there are controls to protect their systems from malware.
Review your processes
Last but not least is to periodically review the processes and policies you have in place regarding cyberthreats. The threat landscape is rapidly changing, and it is essential to make sure you can switch to protect against these threats quickly.