As in financial markets and other areas of business operations, levels of cyber risk naturally fluctuate under the influence of external events. While a cyber-attack can take place at any moment, there may be times when the cyber threat to an organisation is greater than usual.
Because the cyber security landscape is so vast, it is nearly impossible to predict the exact threat to any one organisation. However, some of the most common tactics used by hackers and scammers include:
- Ransomware and malware attacks
- Distributed Denial of Service attacks (DDoS)
- Email and messaging phishing attempts
What can you do in periods of increased risk?
In times of heightened cyber threat, it is vital to strike a balance between the threat level, the measures needed to defend against it and the impact of a potential attack. Moving to a heightened alert level can allow you to:
- Help prioritise necessary cyber security work
- Offer a temporary boost to defences
- Give organisations the best chance of preventing a cyber attack
So what can you do?
Check your systems for updates and patching
One of the most common ways for a hacker or malicious actor to gain access to your systems is through outdated or unpatched networks, systems and tools. Although you should proactively check these vital parts of your business regularly, in times of increased threats, you should ensure:
- All devices are up to date, including those that run third-party software
- All internet-facing services are scanned and patched against any known security vulnerabilities
- All mission-critical databases, systems and networks are free of vulnerabilities; where vulnerabilities cannot be fixed immediately, ensure mitigations are in place
Access control
Whilst it is often unintentional, the biggest cyber risk to a business is its employees. With this in mind, IT teams are encouraged to verify access control and encourage staff to ensure their logins are personal and unique to your business. Finally, review who has access to your systems and, where necessary, remove any inactive accounts. Other points to consider:
- Develop a password policy
- Enable multi-factor authentication
Ensure your defences are working
In times of increased threat, it is vital to ensure your defences are working as intended. To do so, examine every part of your current cyber security protocols, including:
- Firewalls – specifically check temporary rules that have been left in place beyond their lifetime
- DDoS and traffic filtering systems
- Phishing and spam filters
- Ransomware attention
Review your backups
With ransomware attacks on the rise, malicious actors are constantly looking for new ways to render your mission-critical data useless.
To mitigate such threats, it is imperative that you ensure your backups are running correctly. Where necessary, perform test restorations from your backups to check that data and files have been restored correctly. As part of this, make sure your data is accessible in an offline environment.
Third-party access
In today’s service-based economy, working with third-party providers has become the norm. Where external businesses have access to your systems, it is recommended that you have a complete understanding of their operation and their level of access to your systems. Where access is no longer needed, it is vital that you revoke it immediately.
Brief your organisation
Often the greatest line of defence your business can implement is awareness training. Ensure your employees are aware of the current threat level, the most common tactics, what to do if they receive a suspicious email and how to report it.