Category Archives: Cybersecurity Readiness

Tips for the IT Department on Reducing Cyber Clutter

Just like kitchen drawers and closets, computers accumulate clutter over time. And when you have an entire organization’s worth of people to watch and exponential amounts of data collected every day, it takes more than a day of spring cleaning to get your environment clean.  Clearing out your team’s cyber clutter will not only help make the business more organized and productive, but it will also mitigate the vulnerabilities that accompany the clutter.

Here are four areas you should de-clutter to ensure your organization’s digital presence is clean:

1.    Physical Devices

Physical devices can take up most of your organizational environment, from user computers to firewalls. All of these devices have proprietary information of some form on them, so it’s wise to keep them at the forefront of your decluttering.

Here are a few tips:

  • Create and enforce policies and procedures for your organization’s documents.
    • Implement a document deletion policy and make sure your team is aware of it. You don’t want a user’s computer to be stolen with years’ worth of documents stored on it.
    • Consider how sensitive documents are handled. These are documents that should not be accessed by the general organization, should not be stored on a local machine, and may need to be encrypted.
    • If you have a cloud storage solution, enforce automatic backup for users. This enables you to have a better view of what your users are storing and what they are doing with those documents.

2.    Cloud Storage

Because cloud storage doesn’t take up space in your server room, it’s easy to forget to quality control it as you do your physical storage. And while cloud storage is generally hosted by trusted service providers, we’ve seen these servers open in the wild before.

When cloud storage applications are one of the easiest ways to exfiltrate company data, it’s important to regularly clean them out and restrict access as appropriate.

  • Are you currently restricting what cloud storage systems your users are able to access? This is a twofold concern as having company accounts attached to multiple cloud systems opens up avenues for attackers and data exfiltration.
  • Enforce your company document policies and procedures with your cloud storage. It’s actually easier to enforce some policies within the cloud, such as least privilege permissions.
  • Utilize the built-in security features that many cloud storage apps have. These can protect against data exfiltration or alert for suspicious activity.

3.    Email

Email accounts are some of the largest data hubs, storing information about an account’s owner and everyone they interact with. Think of the email accounts of the members of your HR department, full of employees’ sensitive data.

When addressing the security of your company’s email accounts, consider:

  • Do you have a limit on how much data a single inbox can hold?
    • If you don’t have a limit, do you have a widely known policy on the importance of cleaning out your email boxes every so often? This depends on your organization, but your users should be informed of the risks of keeping their friend’s vendor’s personal contact information in their inbox for six months.
  • Sometimes it’s surprising what capabilities users are unaware of within their emails. It’s a great idea to empower your users to utilize your email service’s tools by providing them with guides for things like how to:
    • Search for sensitive data to quickly find and delete it,
    • Set up automatic deletion rules, and
    • Set up rules that screen their inbox for marketing or important emails.
  • If your organization has a data retention policy, make sure that emails are included in it. This will affect the permissions your users have; for example, you can completely remove users’ ability to delete emails within their individual inboxes.

4.    Apps

Oftentimes we forget the pervasiveness of apps, whether they’re on our computer or mobile devices. Most companies are utilizing Mobile Device Management (MDM) for their devices.

However, an MDM still needs to be reviewed and have proper enforcements put in place.  Consider:

  • Are apps restricted only to the people that need them? For example, your marketing team may need access to Facebook and Instagram, but your engineers do not.
  • If there are accounts or subscriptions associated with an app, be sure to document all of the relevant information. You don’t want to run into a situation where an employee leaves the organization, but they were the sole owner of applications important to the organizational workflow.
  • All apps should be as securely configured as possible; however, sometimes apps make this difficult by hiding the settings in question. Review all apps and create procedures for secure configuration before they are allowed to the general population of your organization.

Other Things to Think About

  • For organizations that utilize photography or videography, keep in mind that this type of data is just as vulnerable as a text document. Your organizational data policies apply here, perhaps even more stringently.
  • Password keepers are a great method of ensuring that users adhere to proper password practice, such as using strong and unique passwords. Make sure the user is aware of how to properly use the password keeper, otherwise they may find ways to avoid using it.
  • Implement a company-wide multi-factor authentication policy to prevent unauthorized access to your systems. It’s also important to judge your needs of security and your users’ acceptance to see if you should invest in hard tokens instead of the more common soft tokens like authentication apps.

By following the tips above to de-clutter your IT environment, you will ultimately help your organization become more secure.

The post Tips for the IT Department on Reducing Cyber Clutter appeared first on GRA Quantum.

Top 3 Challenges with Securing the Cloud

By 2020, it’s predicted that 83% of company workload will be stored in the cloud (Forbes). This rise in usage and popularity comes as no surprise given how cost-effective and easy it is to manage systems in the cloud.

As more critical applications are migrating towards the cloud, data privacy and software security are becoming a greater concern.  With 60% of web applications compromised due to cloud-based email servers (Verizon 2019 DBIR), it’s time to take these concerns seriously.

The cloud has had its share of attacks over the years, from DDoS to data loss attacks and even data breaches.  Whether malicious tampering or accidental deleting, these attacks can lead to a loss of sensitive data and often a loss of revenue.

How exactly do we secure data and prevent against these attacks in the cloud?

The one way to truly secure your data in the cloud is through continual monitoring of your cloud systems. However, this is a challenging process for several reasons:

1.    Lack of Visibility

Cloud technology solutions often make the job of security providers more difficult because they don’t provide a single-pane-of-glass to view all endpoints and data. For this reason, you need a vast number of tools to monitor your cloud systems. For example, most cloud solutions send email notifications that provide some visibility into your environment.  However, these notifications don’t always provide enough insight into what exactly happened. You may receive an email alert about a suspicious login, but many of these alerts don’t give information about where the login attempt happened and what user was affected.

These vague alerts mean you have to investigate further; however, many of these cloud systems don’t have very useful investigative tools. If you want to find out more about the alert, you may be able to view the reports and read the logs associated with the activity, but that requires practice in knowing what to look for and how to interpret the information. This leads to another challenge in cloud security: lack of expertise.

2.    Lack of Expertise

It takes practice to be able to look at security logs and interpret what the activity means. Different cloud providers may produce different types of logs and it can be difficult to translate the many varying log types.

If you want to secure your cloud environment properly, you will need a team dedicated to configuring, monitoring and managing these tools. Through 2022, it’s predicted that 95% of cloud security failures will result from customer error (Gartner). This reinforces the need to configure your cloud environment properly. Interpreting logs and configuring cloud systems requires skills that are developed over time. Many security professionals lack this particular expertise or the time required to properly develop these skills.

Those that do possess these skills and knowledge are in high demand, and there simply aren’t enough people to fill these positions.

3.    Lack of Resources

Implementing all the right tools and staffing appropriately to monitor these tools around-the-clock is not an inexpensive endeavor.  Luckily, there are services you can leverage to augment your staff and monitor your environment, such as a managed security services provider (MSSP).

MSSPs have the tools and resources to pull information from all of your different cloud systems and monitor them in one place.  With a full staff of experts on-hand at all hours, an MSSP is fully prepared to monitor and respond to incidents. They can help provide the expertise and visibility into your cloud environment required to properly secure your cloud systems.


Small and Mid-size Orgs: Take Notice of this Trend in the 2019 Verizon Data Breach Investigations Report (DBIR).

43% of breaches in 2018 involved small businesses. Hackers know you’re vulnerable and they’re acting on it.

We’re big fans of the DBIR over here, not just because we’re contributing partners and want to see our name in lights. Yes, we’re certainly guilty of initially jumping into the contributor section and searching for our logo, but after that, we devour the data. The report in itself is an easy read, and there is also a DBIR executive summary available for those that want a short overview.

At GRA Quantum, we’re experts at developing tailored security solutions for small organizations facing big threats, and the data in this year’s DBIR show that the threats facing these orgs are only growing. 43% of breaches in 2018 involved small businesses. And that makes sense when you take the threat actors’ POV into account. Nefarious attackers know that small and mid-size businesses don’t have the cyber hygiene that’s expected of enterprise organizations. Yet the personally identifiable information (PII) and the intellectual property of smaller organizations are just as valuable.

It’s not all bad news.

As more organizations, especially in the small and mid-size range, move to the cloud, hackers shift their focus to the cloud too. The DBIR showed an increase in hackers’ focus to cloud-based servers. Where’s the good news in this? Much of this hacking stems from stolen credentials AND can be prevented with better education amongst staff, paired with anti-phishing technology and managed security services. All affordable options for companies that don’t have hundreds or thousands of endpoints.

More good news: you can start protecting your small org today by implementing some cybersecurity best practices. We’ve developed a checklist to strengthen your cybersecurity program that can get you started. It’s more straightforward than you may anticipate, and you don’t have to be technical or in a security role to kick off the initiative. In fact, the list was created for management in Human Resources and Finance departments. Items in the list that are easiest to implement include:

  • Enforcing a policy to require multi-factor authentication (MFA) to access all company systems
  • Creating an onboarding and offboarding policy, integrating HR and IT activities
  • Developing a third-party vendor risk management program

Start taking this proactive approach to get ahead of the threats and strengthen your security stance today.


4 Reasons Your Organization Needs a Data Loss Prevention Strategy

When deciding how to go about protecting your company’s sensitive data, there are plenty of different solutions to choose from, such as endpoint controls, file system controls, or even network traffic inspection. However, the technology is only as effective as the people and processes in charge of configuring, managing, and monitoring it.  That’s why it’s important that technology is not your only method of protecting your data, but instead a way to complement a strategy consisting of internal policies, procedures, and operations. This approach is called Data Loss Prevention (DLP), and should be implemented by every organization, regardless of size.

Why exactly should you consider a DLP strategy? Here are four of the main reasons:

1. You have sensitive information.

You have data; every company does. That data is important to your business, your customers, and you. We frequently hear about companies experiencing a data breach and only finding out months, or even years later, that there was a breach.  Take Marriott International, for example.  Marriott acquired a hotel chain called Starwood in 2016. What Starwood and Marriott didn’t know at the time was that Starwood had been breached in 2014. The attacker remained in the system after Marriott and Starwood merged their systems.

It wasn’t until 2018, four years later, that the breach was discovered. If Marriott had implemented an effective DLP strategy, they could have detected and purged the breach sooner through a number of different preventive or investigative procedures.

Your data is sensitive to your business’ success and should only be handled by people that you trust: you and your employees (on a least-privilege basis).

2.  Human error.

Employees can unintentionally leave sensitive data vulnerable. Whether that means they leave file systems vulnerable to unauthorized access, forget to flag an email as sensitive that contains Personally Identifiable Information (PII), or hand their coworker removable media with a list full of Social Security Numbers used for background checks, it should go without saying that humans can make mistakes.

That’s where a thorough DLP strategy can help; if a DLP solution is configured and monitoring your environment according to your policies, you can set enforced rules that prevent these mistakes and generate accurate reports and alerts.  Combine this with employee security training, and you have a chance to fix the potential damage to your business before it happens.

If you lack the resources to set up those configurations, reports, and alerts, you can hire a Managed Security Service Provider (MSSP) to take care of those for you.

3. Malicious Insider threats.

Consider the following scenario:

You hire an individual and they have been performing expertly. They seem to enjoy the job and they haven’t requested a raise in years. Little did you know that when you hired them, they immediately started stealing and selling your data to the highest bidder. This is an extreme scenario, but it does happen. There are organizations and nation-states that will pay top dollar for your sensitive data, and they will gladly target your employees to do it.

Implementing a DLP strategy that includes thorough scenario training can discourage your employees from being persuaded into selling your data, as well as help catch those who do it. With properly trained employees and an effective chain of command, insiders can be reported by their peers at every possible point and be stopped before serious damage is done to your business’ reputation and resulting profits.

4. This is the 21st century of interconnectivity.

We’re connected to everything these days; it’s human nature to crave popularity, which has caused an obsession over online presence that doesn’t always take into account protecting sensitive data. When there are so many easy ways to send, receive, and view different types of communications from so many devices, it’s easy to blur the line of what belongs on which devices.

We’ve already pointed out that humans make mistakes; why not use a well thought-out DLP strategy and implemented technology to keep an eye on your critical data and tell you when your employees do make those mistakes?  Whether you implement your own monitoring team or contract with an MSSP, a DLP solution will solidify those previously blurred lines of where that data does and doesn’t belong.

In summary, you need a DLP strategy because you have sensitive data, you employ humans who can or might want to sell your data, and even the best policies and procedures can’t stop someone from unknowingly exposing your company’s data. A Data Loss Prevention Strategy written with supporting technologies in mind can mitigate those risks.

Learn more about how Managed Security Services can help keep your data secure.


7 Steps to Strengthen Your Cybersecurity Program Today

Managing a security program in today’s ever-changing cyber threat landscape is no small feat. Many administrators struggle with knowing where to even start. Cybersecurity programs must be continually evaluated and should evolve as cyber threats and company risks change; however, these steps will guide you in the right direction to begin strengthening your security program today.

1.  Assess your current security program.

The best way to assess a security program is to first choose a framework best for your company. A good framework to follow is the NIST Cybersecurity Framework, which is a comprehensive guide to baseline security requirements and controls any company can implement to strengthen a security program. For companies of all sizes, implementing a security control or practice must be evaluated from a business standpoint to determine if the benefit to the business outweighs the cost of the security control. Following a framework for this evaluation will help you prioritize cybersecurity initiatives and give your organization a clear roadmap for the way you want to develop a cybersecurity program.

2.  Identify what data you have and where it lives.

Data cannot be protected if the custodians don’t know it exists, or where it exists. Identification of the data stored, created, or controlled by a company is crucial to understanding your cybersecurity and data protection priorities. Further, identifying whether sensitive data is stored in cloud services, on hard drives, or in file servers can drastically change the strategy needed in order to protect that data. Even Data Loss Prevention (DLP) tools are less effective if the tool is not focused on the right locations to determine whether data is being accessed or is leaving the protected network in some way. Identifying data locations can also help you to ensure your proprietary or confidential data is moved from less secure locations, such as private cloud storage accounts, to secure, company-controlled environments like an enterprise cloud account.

3.  Implement and enforce policies to combat insider threat.

Policies and procedures are essential to combat the human element of cybersecurity. Employees often do not understand what they can and cannot do with a company’s documents, hardware, and system access if there are no policies in place to guide them. An insider threat isn’t necessarily a nefarious actor out to steal company data; it often presents itself in examples such as a well-meaning employee who shares a document with a partner in an insecure way, exposing the data to unauthorized access.

4.  Implement a security awareness training program.

Continuing with the theme of well-meaning employees, phishing attacks are the cause of data breaches in 98% of the cases reported (Verizon DBIR). Anti-phishing measures can only go so far to detect phishing attacks, so it’s up to the employee to know how to recognize a phishing email, and to know what to do with it. Security awareness training can teach an employee to recognize the signs of phishing emails and may prevent the employees and the company from falling victim to a phishing attack.

5.  Talk to your IT team for multi-factor authentication and anti-phishing measures.

Multi-factor authentication (MFA) is one of the best security controls you can implement to prevent unauthorized access to company systems. Simply put, MFA works by requiring not only something the user knows (e.g. a password) but also something the user has (e.g. a code texted to a cell phone, or better yet, a hardware key an employee has to interact with) to access a system. Many instances of unauthorized system access could have been thwarted by a company’s use of MFA on their critical systems. In addition, as mentioned above, phishing attacks are responsible for a large majority of data breaches, and anti-phishing measures should be taken to protect corporate email systems.

6.  Implement a third party vendor risk management program.

Many companies work with third-party vendors and service providers and in some cases, these providers need access into corporate infrastructure and IT systems.  You can invest millions or even billions into your cybersecurity program, but it can be for nothing if a trusted service provider becomes compromised. As is the case in many high-profile breaches, it was the service provider who suffered the breach, in turn causing their partners to suffer the same fate.  Implement a third-party risk management program in which new and existing service providers must show proof of their internal security program practices and controls, before allowing them access into a corporate system.

7.  Implement onboarding and offboarding policies that integrate HR and IT.

When onboarding a new employee, a policy needs to be in place that allows your HR and IT departments to work together to determine what information the new hire needs access to in order to do their job. Equally important, you must also have a policy in place for offboarding. Without proper offboarding policies, former employees or contractors may still be able to access certain IT systems well after they’ve left the organization. Cases where former contractors or employees retained access to a company’s IT systems for months or even years after that access should have been revoked are not uncommon. And in many cases, an employee leaves a company involuntarily and decides to use their company access to destroy documents or steal company intellectual property, and can be as destructive as deleting entire servers and infrastructure. Access to systems should be approved by HR (to prevent extra accounts and backdoors from being created without company knowledge), and departed employees should be immediately deprovisioned from all systems.

Implementing any cybersecurity controls or program initiatives requires a company culture shift and executive buy-in. However, organizations, no matter the size, simply cannot afford to ignore security, nor can they wait for a breach to occur before security is taken seriously. The steps outlined in this post will be an excellent start to a strong security program and will help you gain traction for future program changes and improvements.


Top Cybersecurity Concerns with Huawei 5G Dominance

The Internet of Things (IoT) is creating a need to advance cellular capabilities to support the 14 billion IoT devices currently connected globally, a number growing to between 20 and 50 billion devices by 2020 (Gartner and Cisco). This includes current mobile devices, computers, smart speakers and televisions, and will include more items like digital locks, security cameras, vehicles, and household appliances. Currently, the IPv4 address space is scarce, and the Internet Engineering Task Force (IETF) ratified IPv6 as an Internet Standard in July 2017. The growth of connected devices requires a larger IP scheme and network infrastructure that supports the connectivity of billions of devices at high speeds.

The next iteration for robust infrastructure is 5G, providing bandwidth up to 20 gigabits per second. This will be implemented this year, but a complete transition will take many years. Huawei, a Chinese corporation, is currently leading in this technology. Huawei is the second largest provider of cellular phones worldwide and the largest manufacturer of network equipment.

The U.S. Government has taken a decided stance to block the use of Huawei in the United States, filing a complaint that bans all government agencies from engaging in purchasing from Huawei and bars third parties who use the company’s equipment (BBC). Huawei is currently suing the United States because of the ban. The U.S. is not the only country taking a cautious stance with Huawei, however. They’re joined by Germany, Great Britain, Australia, Canada, and Japan, all of which are citing major security concerns with the company (MIT Technology Review).

Security Concerns with Huawei dominating the 5G space:

1.  Security Vulnerabilities in Reconfiguring Networks

The first concern is that newer 5G network equipment is almost entirely software and constantly reconfigures, challenging security agencies, who examine equipment and software for vulnerabilities and security flaws or backdoors (FreshAir). When an organization is unable to identify weaknesses in devices with constantly changing software, it becomes impossible to implement security controls to limit vulnerabilities to an acceptable level, making an organization’s or state’s data accessible.

2.  Espionage & Interference

The second concern is the possibility of China using Huawei to conduct espionage or disrupt communications. A seven-month investigation into China’s Intellectual Property (IP) theft, led by the United States Trade Representative, estimates Chinese theft of American IP has cost the U.S. between $225 billion and $600 billion annually (CNN).

China has also used the Internet to enable rampant government oppression within their borders and is now focusing on other countries and foreign businesses. China is blocking and changing data, both coming into the country and going out of the country, using what Weaver, a network security expert at the International Computer Science Institute, has coined the Great Cannon (MIT Technology Review).

It is also concerning that China will likely continue to use the Internet to control narratives, as they did when Marriott listed Tibet and Hong Kong as separate countries from China, forcing an apology from the hotel chain. Chinese officials are also going after other companies that “misidentify” Taiwan (MIT Technology Review).

3.  Foreign Nation-State Controlled Networks

The third concern, and biggest security concern for the United States, is the vastness of a network controlled by a foreign company and potentially adversarial government. As Sanger (2019) reports, “classified intelligence reports from the U.S. have warned that China would one day use Huawei to penetrate American networks for cyber-espionage or cyberattacks.” Chinese private industry and the State are tightly tied with companies being answerable to the government. Current Chinese laws state that any Chinese telecom companies would have to participate in Chinese intelligence operations (BBC).

If Huawei controls the 5G network infrastructure, the company and the Chinese government have a tremendous advantage to collect, disseminate, and control data and critical infrastructure. With IoT expanding the attack surface it is important for countries and companies to advance their security.

Because of the persistent threat environment, companies require an adaptive security program.  Hiring a Managed Security Service Provider (MSSP) to implement a security solution would help U.S. companies prepare for current and future threats by monitoring, analyzing, encrypting, and assisting in security strategies against adversarial entities.


3 Factors to Consider When Securing Big Data

Big data is the new toy in town—a technological commodity that is driving development, but is also a major point of contention between companies, users, and governing entities. But despite the name big data, it is often in the possession of small businesses, who have not taken the appropriate measures to secure this data.  When such large amounts of information are on the line, a breach of this data can be extremely detrimental.

With continual scandals being aired concerning poor privacy protections, it is even more important for your data to be protected. Consider these three things when securing big data: your specific configurations, what access you give out, and how to monitor your data.

1.  Configurations 

It was June of last year that the Exactis leak was revealed. Exactis, a Floridian marketing data broker, had a misconfigured Amazon ElasticSearch server that exposed close to 340 million records on both American adults and businesses. This included incredibly specific details such as pets, gender of children, and smoking habits. This leak has crippled Exactis; there is little chance that Exactis will bounce back from this event.  Beyond the effect that this leak has had on the business, Exactis CEO, Steve Hardigree, has also been open about the stream of inquiries, threats, and constant stress this has had on his personal life.

The root of this crippling leak lies in a misconfiguration and shows us just how configurations can make or break your business. When you are planning out your big data space, you need to double- and triple-check your configurations.

Tips for Checking your Configurations:

  • Security is a multi-layered beast and your data is unique, which in turn means that your approach to security must be customized. This could mean using security software in an unconventional manner or utilizing a third-party security company.
  • Think of the little things. Do you trust all of the programming interacting with your data? If not, how can you make it a trusted resource?
  • Consider getting a third-party Network Security & Architecture Review of your environment. This allows you to have an outside opinion of exactly how secure your data is. If possible, it is beneficial to get this review at least annually.

2.  Access Granted

As you are deciding on configurations, you need to take into account who will be granted access and to what.

If the data is meant to stay completely internal, you need to decide what kinds of users are allowed what permissions. For example, who is allowed to pull data? Is anyone? If it’s not a part of the daily workload, under what circumstances is it allowed? By whom?

If you are going to share your data with third parties, there is another host of questions to consider.  Do you allow them unlimited access to your data? Who do you allow access to?

Tips for Granting Internal & External Access:

  • Limit the amount of external access you allow; if possible, do not allow it at all. This will lessen your attack surface and your inherent risk.
  • External resources likely don’t need to access everything your internal resources can. Restrictive groups are a great organizational way to separate who has access to what within your environment.
  • Not all internal resources are equal and therefore should not be given the same access. You will need to evaluate how you give out access and document your process of escalating and deescalating access.

As became evident with Facebook’s admission that it left data connections open even after deals had been closed, it is also important to think about what happens when access has been revoked. What are you going to put in place to prevent access when it should no longer be allowed?

Take the access you grant seriously so you don’t end up scrambling to make changes after an incident.
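One way to put the restrictive groups and the revocation question above into practice, as an added example that is not from the original post: every grant belongs to a group with an explicit permission list, external grants must carry an end date, and an audit lists the grants that should already be gone. The `Grant` record, group names, datasets and accounts are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class Grant:                 # hypothetical record, constructed for this example
    principal: str           # user or partner account
    group: str               # restrictive group the principal is placed in
    external: bool           # True for third parties
    expires: Optional[date]  # end of the agreement; None = no end date recorded

# Deny by default: a group can do only what is listed here.
GROUP_PERMISSIONS = {
    "analysts":       {("customer_records", "read"), ("customer_records", "export")},
    "support":        {("customer_records", "read")},
    "partner_report": {("aggregate_stats", "read")},
}

# Constructed sample grants.
GRANTS = [
    Grant("alice", "analysts", False, None),
    Grant("bob", "support", False, None),
    Grant("acme-api", "partner_report", True, date(2019, 3, 31)),
    Grant("oldco-api", "partner_report", True, date(2018, 12, 31)),
    Grant("vendor-x", "partner_report", True, None),
]

def is_allowed(principal, dataset, action, today, grants=GRANTS):
    """Allow only if a live grant's group explicitly lists (dataset, action)."""
    for g in grants:
        if g.principal != principal:
            continue
        if g.external and g.expires is None:
            continue  # external access with no end date is refused outright
        if g.expires is not None and today > g.expires:
            continue  # the agreement has ended, so the grant no longer counts
        if (dataset, action) in GROUP_PERMISSIONS.get(g.group, set()):
            return True
    return False

def grants_to_revoke(today, grants=GRANTS):
    """External grants that have outlived their agreement or never had an end date."""
    return sorted(g.principal for g in grants
                  if g.external and (g.expires is None or today > g.expires))
```

Running `grants_to_revoke` on a schedule turns "what happens when access has been revoked" into a recurring report rather than something discovered after an incident.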

3.  Monitoring & Alerting

For everything that can be done to your data, there should be a way for you to monitor it. That is not to say that you have to micro-manage every aspect of your big data. But if an incident were to occur, or more realistically when an incident occurs, you should be able to construct an image of what was going on at the time of the event. For this to be possible, you need a way to monitor your data and receive alerts on the incidents.

Tips for Monitoring & Alerting:

  • Adversaries do not keep normal business hours, so be sure you are monitoring your data at all hours. One way to easily achieve 24/7/365 monitoring is by outsourcing this function to a Managed Security Services Provider (MSSP).
  • When setting up alerts, it can be challenging to find a balance between “alert on every single possible event” and “I only want to see important alerts”. What if an uptick on those seemingly harmless alerts is the only tip-off to an insider threat? And on the other hand, if you are constantly on edge from alerts, you will easily fall into alert fatigue. An MSSP can act as the filter between you and your alerts, only notifying you after an alert is investigated and confirmed to be legitimate.
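A middle ground between alerting on everything and ignoring low-severity events, as an added example that is not from the original post: keep the "harmless" alerts out of the queue individually, but compare each user's daily count against that user's own recent baseline and raise one alert on an uptick. The alert tuples, user names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: low-severity alert counts per user for days 1..8.
SAMPLE_COUNTS = {
    "jdoe":   [1, 2, 1, 0, 2, 1, 1, 9],   # quiet user, sudden jump on day 8
    "asmith": [6, 7, 5, 6, 8, 6, 7, 8],   # noisy user, day 8 is business as usual
}
# Expand the counts into individual (day, user, severity) alert records.
SAMPLE_ALERTS = [(day, user, "low")
                 for user, per_day in SAMPLE_COUNTS.items()
                 for day, n in enumerate(per_day, start=1)
                 for _ in range(n)]

def daily_counts(alerts):
    """Count low-severity alerts per user per day."""
    counts = defaultdict(lambda: defaultdict(int))
    for day, user, severity in alerts:
        if severity == "low":
            counts[user][day] += 1
    return counts

def upticks(alerts, today, baseline_days, threshold=3.0, min_count=5):
    """Return (user, count) where today's count far exceeds the user's own baseline."""
    flagged = []
    for user, per_day in daily_counts(alerts).items():
        baseline = [per_day.get(d, 0) for d in baseline_days]
        mu = mean(baseline)
        # Floor the deviation at 1.0 so a very steady baseline does not
        # turn a single extra alert into an uptick.
        sigma = max(pstdev(baseline), 1.0)
        today_count = per_day.get(today, 0)
        if today_count >= min_count and today_count > mu + threshold * sigma:
            flagged.append((user, today_count))
    return sorted(flagged)

if __name__ == "__main__":
    print(upticks(SAMPLE_ALERTS, today=8, baseline_days=range(1, 8)))
```

A fixed threshold of, say, eight alerts a day would have flagged both users or neither; the per-user baseline surfaces only the one whose behaviour changed.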

When you are in possession of big data, there is a lot on the line to secure. When a breach of this magnitude can destroy your business, it’s critical that you take these factors into consideration.

The post 3 Factors to Consider When Securing Big Data appeared first on GRA Quantum.

3 Ways Small Organizations Can Take a Proactive Approach to Security

While most large enterprises have recognized the value in taking a proactive approach to security, many smaller organizations may not yet realize that they’re also a target for cybercriminals. As a result, these organizations’ primary security strategy consists of waiting until an incident occurs to react, with minimal to no preventative security measures in place.

This makes small organizations a prime target for cyber criminals, with 43% of cyberattacks targeted at small businesses, according to the Verizon DBIR.

The problem is that this reactive approach often results in severe remediation and forensics costs, as well as substantial brand and reputation damage.

This has a significant effect on any business that is breached, but unlike larger organizations, smaller businesses often have a harder time recovering from the damage caused.  Many of these small businesses don’t recover at all, with 60% of small organizations going out of business within six months of suffering a cyberattack. 

When you take into consideration the growing frequency of small businesses that are breached and the rising costs of these breaches, it makes sense that taking a proactive approach to security can actually save you money in the long run.

So, what exactly does a proactive cybersecurity strategy consist of?

1.  Identifying your greatest vulnerabilities with Security Assessments.

The first step in proactively protecting your organization is understanding what exactly needs protecting. This can be accomplished in a security assessment to understand and identify your greatest weaknesses — before an adversary does.

These assessments could take the form of a Network Security & Architecture Review or a Penetration Test.  They are designed to find weaknesses in your security policies, network design, and device configurations and rules.

As an extra benefit, these assessments help you prioritize where to focus your budget. This is a great way to get your executives on board; their support is critical when gaining budget for other proactive measures.

2.  Monitoring your network continuously with a Managed Security Service Provider.

One of the best ways to proactively detect incidents is to have eyes on your network 24/7/365.  This can be done through a managed security services provider (MSSP), which will continuously monitor your endpoints and alert you when there is suspicious activity on your network.  The MSSP staff will also provide you with detailed recommended remediations so you can strengthen your network and prevent future incidents.

Although the cost of an MSSP may be comparable to hiring an internal employee, the value you receive from an MSSP is far greater than one person can offer.  Unlike a single employee, an MSSP offers you varied areas of expertise, access to technology, and around-the-clock coverage. 

3.  Reducing incidents resulting from human error with Security Awareness Training.

With human error accounting for 27% of cybersecurity incidents (Ponemon Institute), providing your staff with security awareness training is one of the most critical and budget-friendly proactive measures you can take.

This training should include secure password training, phishing campaigns, and secure travel training.  Be sure to incorporate this training into the onboarding process and include regular refreshers to ensure your staff is up-to-date and you are fostering a culture of cyber awareness.

By taking the necessary steps to implement proactive security measures, you can save money on costly breaches – and possibly even save your business.

Not sure where to start? Contact us for a complimentary security assessment.

The post 3 Ways Small Organizations Can Take a Proactive Approach to Security appeared first on GRA Quantum.