The top cyber defence actions for you and your business – Part 2

The top cyber defence actions for you and your business - Part 2

While staving off cyber adversaries is an ongoing endeavour, understanding the importance of regular cyber hygiene is a significant part of any business cyber offence strategy.

The only constant in the cybersecurity world is that it is always changing. That’s why businesses of all sizes need to focus on staying agile and proactive about their defence posture to protect their operations and data.

In a recent joint security advisory released by the Five Eyes, an alliance of cyber authorities representing the US, Canada, UK, Australia, and New Zealand, managed services providers (MSPs) were called upon to strengthen their cybersecurity defences and prepare for the observed uptick in malicious threats targeting their businesses and customers specifically. MSPs, like any organisation, are not immune.

That is why any business, MSP or not, should be safeguarding their network(s), allowing them to focus on serving their customer’s needs. Companies that incorporate a thorough security strategy and invest in a well-thought-out security stack have a real competitive edge over companies that operate under vulnerable circumstances. With this checklist, take the target off your back, level up your security posture, and stay out of the crosshairs of hackers.

The second part of this series focuses on how you can ‘Keep Your House in Order’ when it comes to your cyber security hygiene. You can recap on part 1 here.

 

Companies that regularly update their software, operating systems, applications, and firmware can successfully thwart threat actors that exploit known vulnerabilities.

Keep Your House in Order

While staving off cyber adversaries is an ongoing endeavour, understanding the importance of regular cyber hygiene is a significant part of any business cyber offence strategy.

  1. Prioritise Patches & Apply Updates

Stay on top of your updates by making a priority of patching. Companies that regularly update their software, operating systems, applications, and firmware can successfully thwart threat actors that exploit known vulnerabilities. Ensure that you implement updates on internal networks immediately as the patches are released and that web application firewalls (WAF) and network appliances are up to date and configured correctly.

  1. Backup Systems & Data

Having full backups is integral to any cyber security strategy. In the event of a disaster or emergency, having backups guards you against ransomware attacks, in which threat actors attempt to leverage your sensitive data for extortion fees. Key aspects of backup and disaster recovery (BDR) include:

  • Scheduling regular backups that are offline and cloud-based
  • Ensuring backups are organised and frequently reviewed
  • Protecting with passwords and encryption.

 

By storing your critical data in offline backups, cloud backups, or on external storage devices that cannot be accessed from a potentially compromised network, you can safely access your data with little to no interruptions to your operations. Backup data must not be accessible for modification or deletion from the primary network.

  1. Deprecate Obsolete Accounts & Infrastructure

Offboarding isn’t only for Human Resources – there’s a significant impact on an organisation’s security as well. Make sure that you’re taking steps to limit your attack surface by disabling user accounts as part of an employee’s offboarding process, holding audits on your network infrastructure and actioning any remediation items immediately, and regularly identifying and disabling unused systems, services, and accounts.

In part 3 of ‘Top top cyber defence actions for you and your business,’ we will explain how you can ‘Give the Hackers a Hard Time.’

LoughTec: Watertight Cyber Security and IT Solutions