
Onions
Cybersecurity

In the complex world of cybersecurity, what is important?

We can’t go a day without hearing about yet another massive data breach, cyber-attack, payment system hack, or email phishing scam. The onslaught of cyber-crime news has led to a new term, “cybersecurity fatigue”: people are becoming desensitized to cybersecurity because they are constantly bombarded with stories about the cyber-criminals winning. It has been said that cybersecurity teams must be right 100% of the time to stop cyber-criminals, but a cyber-criminal only has to be right once. We constantly hear about the times cyber-criminals have won the battle, but rarely if ever do we hear about a win by the good guys.

But cybersecurity fatigue is not an excuse to wring our hands in despair that we will never win the battle against cyber-criminals. Out of the hundreds of specialized cybersecurity solutions, there are a few fundamental things that we can all do as business owners to bolster our cyber defenses and halt the attacks by cyber-criminals. While there are no guarantees in life or cybersecurity, we must at least put up a good fight and defend ourselves, or face the possible consequence that our insurance companies come back and refuse to cover a cyber incident because a “best effort” to secure the business was not made.

The best approach to a sound cybersecurity strategy is to think of it like an onion. You want layers of protection to stop the cyber-criminals at the points where they enter your networks.

  1. At the Edge – Have good, up-to-date, and robust perimeter defense. Stopping bad actors before they reach your network is key. There may also be devices on your network that cannot be protected with traditional anti-virus, such as Internet of Things (IoT) devices, which typically do not allow software installation. It is therefore important to protect the network they reside on, especially given that IoT manufacturers are falling behind in properly building security into their products.
  2. At the Endpoint – Have good (not freemium), up-to-date, and advanced antivirus/anti-malware protection on every endpoint. The days of signature-based antivirus are over, and several of the new players in the market have realized that machine learning, sandboxing, and file monitoring are the way to go.
  3. Network Monitoring – Add another layer for when or if the edge and endpoint fail to stop a cyber-criminal. A network monitor that detects anomalous activity is a great asset if your budget allows for it. Newer companies are leveraging machine learning and artificial intelligence to detect unusual behavior, filter out the noise, add visualization, and let administrators concentrate on fixing potential issues rather than sifting through thousands of log entries.
  4. Backups – If there were a silver bullet for stopping malware and ransomware attacks, it would be to have good backups that allow your business to restore to a point before the attack occurred. Besides having backups, it is vitally important to test the validity of backups and to ensure that all the necessary data and programs are properly backed up. There’s nothing more distressing to a business owner than thinking they have backups, then trying to restore following an event only to find that the backups had incomplete data, that the data was corrupted or, even worse, that the backups stopped running some time ago.
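
One way to run the backup check described in item 4, added here as an example and not taken from any backup product: a manifest of SHA-256 hashes is written when the backup runs, and a test restore is later checked against it for a stalled job, data that was never in scope, missing files, and corrupted files. The function names, file names, and the 26-hour freshness threshold are assumptions chosen for illustration.

```python
import hashlib, json, tempfile, time
from pathlib import Path

def sha256_of(path):
    # Reads the whole file into memory; hash in chunks for very large files.
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def write_manifest(data_dir, manifest_path, now=None):
    """Backup time: record each file's hash and when the job ran."""
    files = {p.relative_to(data_dir).as_posix(): sha256_of(p)
             for p in sorted(Path(data_dir).rglob("*")) if p.is_file()}
    doc = {"created": time.time() if now is None else now, "files": files}
    Path(manifest_path).write_text(json.dumps(doc, indent=2))
    return doc

def verify_restore(restore_dir, manifest_path, required=(), max_age_hours=26, now=None):
    """After a test restore: return (kind, detail) findings; empty means healthy."""
    doc = json.loads(Path(manifest_path).read_text())
    now = time.time() if now is None else now
    findings = []
    age_h = (now - doc["created"]) / 3600
    if age_h > max_age_hours:  # the backup job quietly stopped running
        findings.append(("STALE", f"last backup ran {age_h:.0f}h ago"))
    # Data the business needs but that was never included in the backup set.
    findings += [("NOT_BACKED_UP", r) for r in required if r not in doc["files"]]
    for rel, digest in doc["files"].items():
        copy = Path(restore_dir) / rel
        if not copy.is_file():  # incomplete backup
            findings.append(("MISSING", rel))
        elif sha256_of(copy) != digest:  # corrupted backup
            findings.append(("CORRUPT", rel))
    return findings

def demo():
    """Constructed sample data: one file lost, one corrupted, job three days old."""
    with tempfile.TemporaryDirectory() as tmp:
        live, restored = Path(tmp, "live"), Path(tmp, "restored")
        for d in (live, restored):
            d.mkdir()
            (d / "ledger.db").write_bytes(b"accounts v1")
            (d / "invoices.csv").write_bytes(b"id,total\n1,100\n")
        write_manifest(live, Path(tmp, "manifest.json"), now=0)
        (restored / "ledger.db").write_bytes(b"accounts v\x00")  # simulated corruption
        (restored / "invoices.csv").unlink()                      # simulated missing file
        return verify_restore(restored, Path(tmp, "manifest.json"),
                              required=["ledger.db", "payroll.xlsx"], now=72 * 3600)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Run the verification against a real test restore on a schedule, and keep the manifest somewhere ransomware on the backed-up machine cannot rewrite it.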

Both perimeter and endpoint protection are 100% must-haves for a sound cybersecurity strategy for any business, regardless of whether you have 1 or 10,000 employees, and for any individual with IoT devices in their home.

Image by Couleur from Pixabay