The top cyber defence actions for you and your business – Part 3
20 Jun 2022
The only constant in the cybersecurity world is that it is always changing. That’s why businesses of all sizes need to focus on staying agile and proactive about their defence posture to protect their operations and data.
In a recent joint security advisory released by the Five Eyes, an alliance of cyber authorities representing the US, Canada, UK, Australia, and New Zealand, managed services providers (MSPs) were called upon to strengthen their cybersecurity defences and prepare for the observed uptick in malicious threats targeting their businesses and customers specifically. MSPs, like any organisation, are not immune.
That is why any business, MSP or not, should be safeguarding its network(s), allowing it to focus on serving its customers' needs. Companies that incorporate a thorough security strategy and invest in a well-thought-out security stack have a real competitive edge over companies that operate under vulnerable circumstances. With this checklist, take the target off your back, level up your security posture, and stay out of the crosshairs of hackers.
The third and final part of this series focuses on how you can ‘Give the Hackers a Hard Time.’ You can also recap on both part 1 and part 2.
Give the Hackers a Hard Time
Enforce Multi-Factor Authentication (MFA)
Focus on implementing app-based MFA for every product that supports it – particularly ones that are internet and web-facing. It is widely recommended to use app-based MFA rather than SMS-based MFA to combat situations where adversaries conduct SIM swapping attacks or use stolen credentials to authenticate and forward your calls/texts.
Apply the Principle of Least Privilege
1. Operate with a Least Privilege mindset and concept of operations. A common element of breaches is the theft of Windows domain accounts, which enables attacks that can evade automated security detection technologies.
2. Don’t make it easy for threat actors to exploit your user accounts and move laterally in your networks. Nip their actions in the bud by implementing the Zero Trust model. This model works by eliminating the concept of trust from the inherent architecture of your operations. Zero Trust:
- Requires each user and machine to authenticate before granting access and need-to-know permissions,
- Segments networks so threat actors can be more easily contained before they further their foothold within your systems, and
- Minimises exposure of your network’s most sensitive or critical data.
We recommend that you map out the user roles needed to sustain your operations and then attribute the specific permissions each role needs to perform its associated tasks.
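One way to put the role mapping recommended above to work is to compare what each account is actually granted against what its roles need. This is an added example, not part of the original article; the role names, permission names and accounts are constructed for illustration.

```python
# Hypothetical role map: each role lists only the permissions its tasks need.
ROLE_PERMISSIONS = {
    "helpdesk": {"reset_password", "read_tickets"},
    "rmm_operator": {"rmm_login", "run_approved_script", "read_tickets"},
    "domain_admin": {"manage_domain", "rmm_login", "reset_password"},
}
# Permissions to review first when granted outside a role that needs them (assumed list).
HIGH_RISK = {"manage_domain", "run_any_script"}

# Constructed sample: what each account is granted today.
ACCOUNTS = [
    {"user": "alice", "roles": ["helpdesk"], "granted": {"reset_password", "read_tickets"}},
    {"user": "bob", "roles": ["helpdesk"],
     "granted": {"reset_password", "read_tickets", "manage_domain"}},
    {"user": "carol", "roles": ["rmm_operator"], "granted": {"rmm_login", "run_any_script"}},
    {"user": "dave", "roles": ["contractor"], "granted": {"read_tickets"}},
]

def audit_account(account, role_permissions=ROLE_PERMISSIONS):
    """Compare one account's grants with the union of its roles' permissions."""
    unknown_roles = sorted(r for r in account["roles"] if r not in role_permissions)
    allowed = set()
    for role in account["roles"]:
        allowed |= role_permissions.get(role, set())
    excess = account["granted"] - allowed
    return {
        "user": account["user"],
        "unknown_roles": unknown_roles,           # roles nobody has mapped yet
        "excess": sorted(excess),                 # granted but not needed by any role
        "high_risk_excess": sorted(excess & HIGH_RISK),
        "missing": sorted(allowed - account["granted"]),  # needed but not granted
    }

def audit(accounts):
    """Return findings for accounts that deviate from the map, high-risk first."""
    findings = [audit_account(a) for a in accounts]
    findings = [f for f in findings if f["excess"] or f["unknown_roles"]]
    return sorted(findings, key=lambda f: (not f["high_risk_excess"], f["user"]))

if __name__ == "__main__":
    for finding in audit(ACCOUNTS):
        print(finding)
```

An account whose role is not in the map has no allowed permissions at all, so everything it holds is reported as excess until the role is defined.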
Manage Authorisation for Remote Monitoring & Management (RMM)
Treat your RMM software as your crown jewels. RMMs are crucial to your operations, but they are also the best legitimate backdoor when leveraged by threat actors. Ensure that MFA is enabled on your RMM and regularly monitor your logs for login events and scripts.
Combining Managed Detection and Response (MDR) technology with a 150-person strong, 24/7/365 Security Operations Centre (SOC) is the best and most cost-effective way of protecting your network from cyber threats.
Contact Cyber Security Company LoughTec for a free no-obligation discussion on your business cyber security posture. Call +44 (0) 28 8225 2445 or email info@loughtec.com.