In Part 1 and Part 2 we discussed how to protect your business from cyberattacks and what recovery steps to take if you get hit. For this final part, let’s talk about how you can use a breach to make more informed security decisions moving forward. After the threat is contained, your IT staff or third-party professionals should perform their due diligence to learn from the incident. Besides reinforcing employee vigilance and updating threat detection policies, here are a few additional cybersecurity measures to consider.
1. Make Full Backups of Essential Business Data in the Cloud
If you don’t currently back up your data, don’t backup often enough, or your storage hardware is outdated, you’re creating unnecessary risk. Calculate the impact on your company if info is lost and schedule backups that narrow the window. Automatic incremental backups (hourly/daily/weekly) ensure that data can be easily and virtually restored instead of manually recreated. For extra redundancy, store your data in multiple off-site locations, including the cloud.
2. Perform Regular Security Testing
Using a controlled simulation, you can determine how your updated security features will react to a real cyberattack. The data from this exercise highlights vulnerabilities in your system, allowing you to clearly see the areas in need of improvement. Frequent testing and the subsequent corrections you make could save your business a lot of money and hassle.
3. Lean on Cybersecurity Expertise
Cybersecurity is a multi-layered, continuously evolving thing. When considering both short and long-term responses, partnering with an expert may be the most effective option. A Managed Service Provider works with you to assess your current defenses, identify the gaps, design new security protocols, and monitor your networks 24/7/365.
Real-World Examples
-
In April 2019, Genesee County (MI) was attacked by a ransomware virus that locked down their computers. “Restoring the system has been expensive — an estimated $200,000, not including employee overtime costs”, says County Board Coordinator Josh Freeman. In response, the county decided to hire a new cybersecurity professional to monitor their systems.
-
Maersk, a Danish logistics company, was hit with malware in late June 2017. The virus blocked access to almost all their data, wiped out phone lines, and damaged their DHCP and Active Directory. Eventually, Maersk was able to reverse engineer the virus and use backups to restore some of their data. Head of Technology Adam Banks shared some thoughts about the situation, “Automated protection is worth its weight in gold. And Privileged Access Management (PAM) takes on increasing importance. With a more limited number of privileged accounts, it is reasonable to assume that a much lower number of machines would have been infected, something like 5,000 rather than the 55,000 seen at Maersk.”
In summary, it is more than likely your business will experience some form of cybercrime. Take the time to build a resilient cyber strategy by backing up your data, testing digital security, and consulting with IT professionals.