Bulletproofing your business against a cyberattack can help protect you from today’s threats.
Here are the most urgent items to put on your list to quickly prepare your business.
Update ALL Critical Infrastructure, Operating Systems and Software.
We update or patch our computers, phones, wireless access points and everything else primarily to fix known vulnerabilities. Ignoring or skipping updates makes hacking into your life much easier. A couple of years ago, we were called into a SMACNA member company due to a data breach where the attacker exploited a known vulnerability in their firewall and got in. If that member had simply kept their firewall up to date, we would have never gotten that call.
Enable Multifactor Authentication (MFA) On Everything You Can.
Gone are the days of only having a username and password to protect assets like email. Now, we’re using Multifactor Authentication (and more) to protect our logins. MFA is free for most platforms, like Microsoft Office 365. Studies have shown that using MFA with an authenticator app has thwarted over 99 percent of account compromises targeting Office 365 accounts.
Ensure ALL Devices Have Threat Detection.
If I break into your network, I will start inventorying everything connected. If I’m able to find a computer without an Endpoint Detection and Response (formerly antivirus) agent, I will then use that computer as leverage for my attacks. Make sure everything has threat detection — no exceptions!
Double Check Your Backups.
Periodically test your backups’ recovery capabilities to ensure they’re backing up everything they need to. Also, have onsite backups (if you have onsite servers that need backing up) and send backups to the cloud, as they are much harder to attack. Encrypt your backups so they can’t be stolen and ransomed against you.
Alert Employees To Maintain Vigilance And Look For Threats.
Education is beyond important for a sound defensive strategy. Ensure all employees are properly trained to spot phishing emails, bad sites and more. Also make sure the training is role-based. Individuals with access to things like money need training at least once a month via phishing testing and subsequent training if they fail to spot and block the phishing attempts.
Geo Block Firewalls and Identity Management Systems.
Many firewalls and identity management systems give an organization the ability to block traffic coming to their systems based on the country it comes from. Don’t have clients or business interests in Russia? Then why can Russia see your firewall, when you can tell your firewall to turn into a black hole for all internet traffic except traffic from countries where you do business? Why do your company logins work in Russia as well? Make sure those are locked to where you are geographically.
Industrial Control Systems Should Be Tested To Ensure They Work Offline.
If the internet goes down, does the HVAC controller stop working? That was a problem with Google Nest devices in many homes. Google had a major outage, and people couldn’t use their thermostats to heat or cool their homes while the service was down. Can your customers’ buildings still heat and cool without internet? If there are other critical industrial control systems at play, can they also work offline?
These are only the most critical steps to securing your business from an impending cyberattack. We don’t know how far the current war in Ukraine will escalate, but if Russia must retaliate against the West, their best bet is to launch infrastructure attacks against us all. Following these basic steps will make your business that much harder to hit.
Nick Espinosa is a cybersecurity expert, working with companies to design custom cyberdefense strategies. Learn more at www.securityfanatics.com.