What is the best way to protect my company from cyber threats?
How do I protect my company from cyber threats? The short answer is: a comprehensive cybersecurity strategy. This strategy should combine technical and behavioral measures, be made into an enforced policy, and take a layered approach. I will try not to reference any specific product, and stick to the types of tools I use. This is not necessarily comprehensive but rather a starting point if you’re starting a new (or revamping an existing) cybersecurity strategy.
- Firewall – one of the most effective hardware-based measures you can take to protect your company from cyber threats is to deploy a firewall. More sophisticated firewalls will be able to deploy SIEM logging, advanced DNS security, sandboxing, and other great security tools.
- Anti-Malware – another important technical measure is the use of antimalware software. Antimalware software is designed to detect and remove malware, such as viruses, worms, and Trojan horses, from a company’s computers and servers. Today’s antimalware programs are specifically designed to keep up with the alarming rate at which malware is being generated. These next-gen antimalware programs use “AI” to analyze data in a way that traditional software could not. Here are some signs that your antimalware is insufficient:
  - It’s Windows Defender (not my analysis)
  - It is primarily signature based
  - You bought a version of it, and you have to pay more to get updates
- RMM – using an RMM tool can help protect against one of the simplest attack vectors – vulnerabilities in your software. If you do not have one, get one – they are inexpensive and worth their weight in gold.
- Backups – finally, having a solid backup and recovery toolset will be your last resort when the worst case occurs. Consider using an immutable storage device to keep your data secure.
A modern threat requires modern protection. We encourage you to reach out (to us, or anyone) if you are not aware of what these types of tools can do to protect your business from cyber threats.
- Security Operations Center (SOC) – a SOC will review cyber events, analyze threats, and report back. This is an affordable service everyone should be using.
  - Alternative: managed detection and response (MDR) service
- Cloud Security – with more cloud-based applications, it is important to dedicate resources to protecting your cloud environment.
- Multi-Factor Authentication – MFA is the future of password resilience. Here’s what Microsoft says about it.
- Vulnerability Scans – scan your entire network (from within, and externally) for threats to your network.
The Not So Obvious
- Penetration Testing – a vulnerability scan on steroids. CTS can actually mimic a real attack on your network to identify points of penetration. Companies have historically spent $20,000+ on these services. However, with today’s technology it can be done very effectively for a small fraction of that, without loss of efficacy.
- SIEM Log Monitoring – logs actually require review (no, having logs is not enough). This will aggregate multiple logging tools into one resource, and use an AI or SOC team to analyze the logs for threats.
- Dark Web Monitoring – monitors the dark web for login credentials, personal information, etc., so your company can proactively prevent threats.
- Cloud Security Backup – Microsoft, Salesforce, Google, Amazon (and pretty much everyone else) are NOT backing up your data.
For the Compliance Minded
Do the letters HIPAA, PCI, NIST, ISO, FedRAMP, or GDPR haunt you both day and night? While security frameworks can be daunting, they can also be your competitive advantage. CTS can say from direct experience that there are tools available to give you hundreds of hours back in your day, and money back into your budget. Ask us about compliance management (it’s a bit too complex for this specific blog post).
Behavior Based Methods
In addition to technical measures, it is important for companies to implement non-technical measures to protect their data from cyber threats. This includes:
- Security Awareness Training – educate employees about safe network behavior.
- Policy Implementation and Review – establish policies to promote this behavior.
- Phishing Testing – send fake phishing emails, and educate those who do not comply with policy.
- Phishing Reporting – create a phishing@… email address on your domain so that users can report phishing attempts.
To Sum Up
Overall, the best way to protect a company’s data from cyber threats is to implement a comprehensive cybersecurity strategy that combines technical measures with behavioral measures. It is also important to think about the unknowns (what aren’t you thinking about?). By taking these steps, companies can greatly reduce their risk of a cyberattack and protect their valuable data.