As we enter a brand new year, it’s important to look ahead and develop a better cyber strategy for safety and security. 2018 was a big year in data breaches with companies and enterprises facing new challenges in data protection across many different facets of their business. As a result, we should apply more effort and energy at all levels of an organization to increase security procedures and framework for a more protected data operation in 2019. A dynamic cyber strategy will set the tone for the remainder of the year, and will make a positive, impactful change on your business.
Have an incident response plan
Is your business prepared to respond to a cyber incident and create a roadway to recovery? It’s increasingly common to see small and medium sized companies ill-prepared to handle these situations and react in the proper manner. It’s good practice to have a blueprint of how your employees and information technology associates will respond and be aware of the situation. Awareness and preparation can quickly become the biggest asset in any incident response plan, and will be a foundation for a successful cyber strategy.
Creating a structure for an incident response plan will vary for many different organizations based on size and industry. The most basic incident response plan should include the protection & recovery of your most important data. Once this Communication is an essential role in the incident response plan. Members of the organization should be able to articulate and communicate their concerns and duties when it’s time to handle an incident of data security. Knowing who to go to, and what is to be done is essential for moving forward smoothly during and incident, reducing down time.
Schedule regular updates
A simple technique in creating a more secure framework for your business is to update all firmwares & softwares regularly. Cyber criminals often target vulnerabilities in outdated patches that can create a back-door entrance for data theft. Updating on a consistent agenda will block this activity and improve the overall security of the platform. Another benefit of updating on a regular basis is you will receive the most modern features of the software, which often results in better and faster performance.
The most recent campaign from the National Cyber Security Alliance, #UpdateMeow, was an example of all the positive effects that can happen when you update regularly. Don’t ignore the notifications that alert you to update to the newest version of the software you’re currently using; it’s a signal that something important needs to be patched.
Enable Two-Factor Authentication
One of the most modern and effective ways to help improve the security of your online accounts is to enable the Two-Factor Authentication setting. This is a feature that will require two forms of login credentials to gain access into platforms such as email and social media. It’s highly effective because if one of your login credentials becomes compromised, your secondary backup will keep your account more protected.
Security manufacturers like Yubico have done an excellent job at constructing new lanes for Two-Factor Authentication with their products. New accessories like the YubiKey 5 allow users to securely login to their Microsoft accounts and G-Suite organizations with modern-grade encryption and design. Having more members of the business regularly implement 2FA will keep more information safe from outside sources.
Implement modern security training
We find often businesses do not provide modern security awareness training. Cyber security is an evolving element of business surveillance, and as such we should treat our efforts to train & educate with the same attitude and discipline. Employees need to be aware of all the current ways cyber crime is affecting businesses in their industry, which could better help prepare and prevent a similar attack from occurring at their organization. Develop a calendar which clearly outlines your cyber security training and how it will reflect the current trends of data protection.
Another way to improve this disconnect is to develop better cyber security culture at the organization. There is often a disconnect between the average employee and the greater security needs of the business. When an employee feels more connected to the security efforts of the institution, it will drastically enhance data safety. A business is a team, and every member needs to be engaged and actively defending against potential threats. In 2019 work with your business team to become a cyber security force.