With all the cyber attacks happening, it is important from a business perspective to be as prepared against an attack as possible. Not only are attacks damaging to a business’s reputation, but also their bottom line. It can take up to 287 days to fully recover from a cyber attack.
How to Prepare for an Attack
So what can a business do to prepare themselves against a ransomware or malware attack? It may seem overwhelming, the list below provides eight easy-to-implement measures all businesses should take now as a minimum:
1. Train employees on good cybersecurity.
Employees are the biggest threat to a company’s cybersecurity and most data breaches result from employee carelessness or lack of knowledge in regard to cybersecurity. Companies should hold regular training sessions concerning malware, phishing, securing home networks and why it is important for them to avoid public or open networks.
2. Employ vulnerability testing.
Companies don’t know what they don’t know. Hire an outside agency specializing in ethical hacking and have them stress your IT system. Once the weak areas are found have them suggest measures your IT people can implement to make your system stronger.
3. Implement DNS Protection.
Having DNS software in place, serves two purposes – it blocks inappropriate content from reaching employees before they have a chance to interact with it and it blocks time-wasting content from getting through.
4. Use a firewall.
An external firewall should be your first line of defense as it provides a barrier between your employees and cybercriminals. Many cyber specialists also recommend installing an internal firewall also for an extra layer of protection. And for remote workers … make sure they have at least one firewall on their home network and any mobile devices they use to access company data.
5. Change passwords regularly.
Two-thirds of all data breaches occur because of weak or stolen passwords. A good company policy should be to change them at least every 60 days and don’t use the same password twice. Make sure employees also change passwords on the same time schedule on their home network and remote devices they use to access company data or provide them with company-provided devices they can use from home.
6. Adopt a bring-your-own device company policy.
Company-provided devices make it easier to control as far as cybersecurity but allowing employees to use their own devices increases productivity. However employees that do so must understand that they also have to conform to company’s cybersecurity policies. One way to do this is to install a VPN and remote application environments. Companies must also monitor their networks for unauthorized devices.
7. Use a risk-based approach for data.
Know where your greatest risks lie and focus on mitigating those risks first. Then work your way down your risk list to those less risky of breach.
8. Use multi-factor authentication.
One of the best ways, and least used, is to turn on multi-factor authentication. Online accounts are better protected by using more than one layer of authentication. Many times a hacker can figure out a set of even strong passwords, but rarely can they figure out two sets.
Colonial Pipeline – Classic Example
To point out the importance of using these measures, we need to look no further than the Colonial Pipeline ransomware attack. Investigators found that Dark Side hackers gained entrance to the company’s network via an outdated VPN that was used in the past to allow employees remote access to its network. However, it was no longer in use, but still active as it had never been removed from the network. The VPN also lacked multi-factor authentication which allowed hackers easier access to the network.
While the VPN did have single-factor authentication, the employee’s password had been used on several different accounts outside the company and had been previously hacked in the past. And because the employees VPN password had not been changed, and that password was known to hackers, it made it relatively easy to gain access to Colonial’s network via the outdated VPN network. In all, those cyber mistakes ended up costing the company $4.5 million.
These cybersecurity measures are relatively easy to implement and cost effective … especially when compared to a money paid out due to a ransomware attack. It is no longer a matter of the cost to implement these measure, but rather the cost of not implementing them!