PREVIEW:
Stuxnet, WannaCry, NotPetya, Sony, Target, Equifax, Marriott, and Yahoo. The mere mention of these mega cyberattacks continues to haunt individuals and organizations. The impact has been so profound that one executive survey says cyberattacks are their top business concern.1 However, only 11% of senior leaders expressed a high degree of confidence in their ability to assess cyber threats, prevent cyberattacks, and respond effectively.2 Company boards often have two misconceptions about cyber security, says Ciaran Martin, CEO of the UK’s National Cyber Security Centre.3 First, that all cyberattacks are targeted to specifically chosen companies, and second, board-level executives think cyber security is too complex, thus distancing themselves from it. Either or both of these reasons can put an organization’s security posture at risk.
Basic Prevention Principles. The following recommendations can serve as a helpful reminder when reviewing your basic security:
1. Patching: All too often, attacks penetrate computer systems by leveraging known vulnerabilities for which a patch exists, but has not been applied. Organizations should strive to ensure up-todate security patches are continuously maintained across all systems and software.
2. Segmentation: Networks need to be segmented. Apply firewall and IPS safeguards between the network segments so you can contain infections and prevent them from propagating across the
entire network.
3. Review: Security products’ policies must be carefully reviewed, and incident logs and alerts monitored continuously.
4. Audit: Conduct routine audits and penetration testing across all systems.
5. Principle of least privilege: Keep user and software privileges to a minimum. Limit local admin rights on user PCs.
6. Plan for failure: Make sure backup systems are maintained so IT can monitor security measures and react rapidly to a breach.
7. Record: If a breach does occur, the event needs to be recorded. This data can be important in analyzing an attack and can help prevent further occurrences.
8. Testing: For information security to keep pace with hackers, constant tests, risk assessments, updating disaster recovery and business continuity plans are required.
1 “Microsoft: Cyberattacks now the top risk, say businesses,” by Liam Tung, ZDNet, September 19, 2019
2 “How organizations view and manage cyber risk,” Help Net Security, September 19, 2019
3 “Two cybersecurity myths you need to forget right now, if you want to stop the hackers,” by Danny Palmer, ZDNet, February 12, 2019