We talk a lot about basic practices your company can take to improve its cyber security. But it’s worth all of us reminding ourselves from time to time about these measures. It isn’t enough to have a plan in place to handle a hack while it’s happening. You have to plan for what to do before an attack, during the attack, and after the attack. Moreover, you have to be able to communicate this information to all company employees so that everyone knows what to do in a cyber emergency.
Unfortunately, it’s not a question of “What to do IF an attack occurs” but rather “What to do WHEN an attack occurs.” The harsh reality is that a business will likely be the victim of at least one (if not more) cyber attacks in the coming years.
Below are industry best practices that can help your business mitigate the results of such an attack:
1. Create a plan—The first thing you need to do is establish a plan for how you will respond to a cyber attack. This should cover several elements, including a communication tree of who should be notified first, who next, and so on.
In this way, the right people are notified first so that an immediate response to the attack can be initiated. Additionally, if a data breach is involved, you need a specific plan on how this will be communicated to your customers and clients. By doing this, you can possibly alleviate some of the negative fallout from your customers.
Once you have the plan in place, you should review it annually to make sure that the information is still accurate and that the protocols are in line with current cyber threats.
2. Set the right tone—All employees need to be on board with the importance of these cyber security protocols. Buy-in from upper management is critical, and managers need to model the appropriate behavior and actions (such as securing their passwords and logging off of computers after each use).
Senior management and supervisors should also take part in security training to better learn their role in disseminating this information through the company.
3. Test your system—Your IT department should be regularly conducting penetration tests. These simulate an attack on your own systems to see where they could be vulnerable to attackers.
If a vulnerability is found, the IT department can take steps to close the gap before a real hacker takes advantage of it. In addition, it’s important to regularly hire an outside security firm to do an independent test of your system, probing it for holes in your security that your own team may have missed.
An outside firm can also do an audit of your physical security measures to ensure that your physical computers and servers are as secure as possible.
4. Back it up—Everyone in IT knows that the mantra is “backup, backup, backup.” If something cataclysmic happens and your entire system is wiped out, you need to have all of your data backed up (preferably with at least one copy stored on an off-site server) so that you can restore the system in the event of such a disaster. Restoration can be a time-consuming process, but it sure does beat losing all your data.
5. Drill—When dealing with disaster planning for events such as hurricanes or floods, an emergency management director will tell you that it’s imperative to drill regularly so you are prepared if something happens. A cyber breach is an emergency too, so the same holds true.
Be sure to drill regularly (both announced and unannounced) to make sure everyone follows the proper protocols laid out in the emergency plan. Also, make sure you practice multiple scenarios (such as data breaches or ransomware attacks) to ensure that your company is ready for every possible contingency. Think of these drills as learning experiences to see where your weaknesses are so that you can close these gaps.
6. Recommended elements—There are several vital aspects that your security plan should include these days. These include:
- Email and web filtering
- Network segmentation
- Restricted admin access – users with local administrator rights create a risk when they download questionable software
- Two-factor authentication
Once you have these plans in place, you are not totally out of the woods. Constant vigilance and revision are necessary. Hackers are not resting on old techniques and tactics; they develop new styles of attack daily, so your defenses have to stay one step ahead of them.
INSUREtrust is committed to keeping you digitally safe. To learn even more about the details of preparing your company for a cyber-attack, download our free Incident Response Plan Guide. Have questions? Contact us for a free consultation.