It’s sensible to shore up your cybersecurity defenses in times of heightened threat – but there’s never a bad time improve your security posture. The start of a new year offers a perfect opportunity to put some best practices in place.
We’ve picked out 18 steps you can start doing from today for extra piece of mind throughout 2023. They’ll help to keep your organization safer during unstable times and prepare for long term cybersecurity success too. You might already have some of these bases covered, but there's often a few that have fallen through the cracks during busy periods.
We’d also highly recommend businesses follow the ongoing guidance from NCSC and stay on top of alerts from cybersecurity organizations such as CISA.
1. Patch, patch and patch again!
Keep updating the latest security patches as soon as they become available. This is the best way to stay protected against new security vulnerabilities as quickly as possible. If you’re not patching, you’re a step behind. It’s also useful to consider how your organization reports on patch compliance – do you have the visibility you need?
2. Consider temporarily updating your "threat model"
3. Audit your current cybersecurity practices
Now is a good time to make sure all current devices within your organization are coherent with your policies. There’s nothing worse than having a strong password policy and discovering people have been circumventing it (password managers can really help with this particular problem!).
4. Secure your loT devices
Remember to think about everything that could be on your network, not just laptops and desktop PCs. For example, personal mobile phones, printers, and even smart fridges. These are all potential ways an attacker can get into your organization. In 2016 North Korean hackers nearly stole $1bn from a Bangladesh bank – and they got in via a malfunctioning printer.
5. Enable 2FA (two-factor authentication)
Simply put, it’s harder for hackers to steal two pieces of information than one. It’s best to use an authenticator app tied to a physical device, so you can protect against a SIM-jacking attack. SIM-jacking is where hackers pose as their victims to convince network providers to transfer their numbers to new SIM cards. They can then intercept messages containing codes for two-factor authentication systems.
Requiring an extra piece of information can also protect against attacks where cybercriminals send push notifications to try and gain access to accounts. They exploit the fact many people approve or accept push notifications without really reading them – often due to fatigue from receiving so many.
6. Enforce VPN use
Zero trust network access has an ever increasing presence in organizations, however VPNs are still a core part of many organizations’ ability to secure endpoint devices. If any employees are working in an unsecured location, try to enforce the use of a company VPN. This will secure any business traffic and prevent interception over a potentially unsecured or compromised network.
7. Back up and encrypt your company data.
For mission-critical data, you might want to consider encrypted backups in multiple locations. For example, one local and one in the cloud. In the event of a ransomware attack, backups are crucial for getting your business back on its feet. Make sure your backup policy has sufficient retention policies to be able to restore clean data, and regularly check your processes for restoring this data.
8. Enforce HTTPS connections
HTTPS is the secure version of HTTP. An HTTPS connection uses Transport Layer Security (TLS) protocol to encrypt nearly all information sent between a client and a web service. Enforcing people to only use HTTPS connections reduces the chance of their information being stolen online.
9. Never leave devices unattended!
This sounds obvious but it’s a point worth repeating to your people, especially if you’re a critical infrastructure business. It only takes a second for someone to pick up a laptop bag in public, or even plug in a USB and install a key-logger during a work-based setting.
10. Advise social media caution
Remind people to be careful about what they’re posting on social media. If technology is difficult to breach, attackers will seek to exploit the human element. Social media is a treasure trove of information for cybercriminals searching for clues to passwords or memorable answers. LinkedIn in particular can offer detail of new joiners, chains of command, and vendor relationships – all of which can be leveraged in impersonation attacks.
Make sure you've got some trusted antivirus/anti-malware software installed on all devices used to access your corporate data. And ensure it’s kept up-to-date!
12. Cybersecurity training
Training isn’t a magic bullet that will help people catch every cyberattack – but it’s a good way of reminding people of the key dangers and that everyone has a part to play in securing an organization. Short, engaging refreshers can help keep cybersecurity front of mind.
13. Plan for the worst
Make sure you've got an action plan in place for if you do detect a breach or cyberattack within your organization. Better yet – run through a demonstration of the plan and make sure it’s effective and up-to-date. The more familiar people are with the plan, the more effectively they’ll carry it out in a real scenario.
14. Audit the supply chain
If you can, audit your key suppliers and make sure they're following cybersecurity best practices. Even if your own cybersecurity practices are strong, it’s important to reduce the risk of a supply chain attack vector.
15. Ask for help!
If you don’t have cybersecurity expertise within your business, it might to be time to consider hiring somebody or paying for a contractor to get you up to speed. Don’t let a lack of knowledge be the reason you’re caught out – get support where it’s needed.
16. Physical security
People sometimes consider physical security as a separate issue to cybersecurity – but it’s integral. Make sure your buildings are secure and no unauthorized personnel can access any critical on-premises infrastructure. Employees should also be aware of the dangers of tailgating and unauthorized entry to any area where sensitive information is on view or accessible.
17. Get some pen-tests done
Penetration testing (or pen-tests) are sometimes known as ethical hacking and are a great way to highlight any weaknesses in your current cybersecurity practices. Likewise, you might consider getting a physical security pen-test done for the same reasons.
18. Keep up to date
Cybersecurity news moves fast. It’s important to keep up with cybersecurity threats and news sources so you can stay one step ahead. Having a proactive strategy in place is far less stressful than reacting to threats each time they materialize.