Awareness; knowledge or perception of a situation or fact.
Appreciation; a full understanding of a situation.
Cyber Security Appreciation
“My business has been hacked. Now what?” Here are the steps you should employ immediately.
Hire a Professional – When a business is hacked, it is entirely possible it was compromised because it did not employ technicians to prevent the attack in the first place. Therefore, third parties that specialize in security and breach mitigation should be contacted immediately. These IT security professionals specialize in prevention and containment. Their proactive role is to use vulnerability scanning software to find points of entry and patch those vulnerabilities prior to an intrusion.
Change and Reset Passwords – Many hacks begin with compromised passwords. Easy to guess/easy to hack/easy to crack passwords make the hacker's job, well, EASY. Never using the same password twice, and utilizing upper case, lowercase and characters, along with using a password manager, ensures password security.
Update All Software – Begin by scanning all hardware and software with anti-virus programs and removing viruses. Vulnerabilities are often due to outdated software or operating systems riddled with flaws. Updating with critical patches eliminates these threats. Maintain redundant networked hardware systems, backed-up data, and contingency plans to put duplicate systems online immediately following a breach.
Update Your Company's Hardware – Old, outdated hardware simply can’t keep up with the requirements of newer, robust software or the security software required to keep networks secure.
Back Up All of Your Data – You have to make sure that you are regularly backing up data to a secure location. This data should also be encrypted.
Manage All Identities – Make sure that you are managing identities and access to accounts. You must do this across the board, as just one account being accessed could make you or your network extremely vulnerable.
Utilize Multi-Factor Authentication – You can use multi-factor authentication to keep accounts protected, too. This means every time a device or an online account is accessed, a one-time pass code must be sent, either by text message or to a key fob. There are hardware devices available that are also forms of second-factor or multi-factor authentication.
Security Awareness Training – Assuming employees know what to do and, more importantly, what not to do is risky. Providing effective ongoing security awareness training, or in the author's opinion “security appreciation training”, is partnering with employees to protect the network.
Patching – Set up a system so that you can ensure your hardware and software are patched and updated on a regular basis. This helps to keep your data safe.
Align Your IT Security with Other Business Security – Those who are in the IT industry often feel as if they are struggling to keep up with changing technology, including security tech. The success of a business is based on keeping it secure, and keeping all types of security in mind, including IT security, has a direct impact on revenue.
Recognize Social Engineering Scams – Every time the phone rings, every time an email comes in, every time an employee opens a US postal letter, be suspicious. Criminals contacting you or your employees will try to bamboozle them with gift card scams, utility bill scams, invoices for products and services, you name it. There are thousands of scams designed to fleece consumers and small businesses.
Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.