The fast pace of digitalisation has introduced a whole new level of cyber risk. Cyber risk dominates headlines, creating high expectations for organisations to protect themselves and their customers against cyber threats. With no industry spared, cybercrime is now a more significant source of revenue for organised crime than drug or arms trafficking. Cyberattacks make headlines daily, so it’s no longer a question of if your company will be breached, or even when – it’s more likely to have already happened. The real question is whether you will know, and whether you are prepared.
Keep all software updated.
- For Windows, Microsoft Office and other Microsoft applications, turn on automatic updates in Windows Update.
- For non-Microsoft software, especially browsers, Adobe Acrobat Reader, and other apps, aim for full patch coverage within 48 hours.
- Patch servers as soon as you can. Focusing on Tier 0 systems such as domain controllers and Microsoft Azure Active Directory Connect will raise your security profile.
Decommission Legacy Systems
- Running legacy operating systems increases your exposure to attacks that exploit long-standing vulnerabilities.
- Where possible, look to decommission or upgrade legacy Windows operating systems. Legacy protocols can increase risk. For example, older file share technologies are a well-known attack vector for ransomware, yet they are still in use in many environments. Often, many systems, including Domain Controllers, have not been recently patched, which greatly aids the attacker in their movement across the environment.
- Use antivirus software, keep it up to date, and choose passwords well.
- Consider using Windows Hello to log on to your device (requires specific hardware).
- A common problem is that no one looks at event logs daily or understands what is typical for the environment. Unexplained changes to event logs, such as deletion or retention changes, should be considered suspicious and investigated.
- A security information and event management (SIEM) system can identify unusual behaviours across critical business systems.
- With unusual behaviours identified, employ a Security Operations Centre (SOC) team to further track and investigate the alerts. Quick reaction to suspicious activity is vital for maintaining ongoing assurance.
- Do not open suspicious attachments or click unusual message links in emails, tweets, posts, online ads, messages, or attachments. Be aware that attackers often impersonate your close contacts in an attempt to exploit trust relationships. Remember, you are more important than you think.
- Browse the web safely: avoid visiting sites that offer potentially illicit content. Many of these sites install malware on the fly or offer downloads that contain malware.
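The event log advice above (treat log deletion and retention changes as suspicious) can be turned into a simple check. The following is an added example, not part of the original article: it scans exported Windows events for log clears (event 1102 in Security, 104 in System) and for Sysmon registry writes to the EventLog service settings. The record field names, user names and the approved-account list are assumptions of this example.

```python
from collections import namedtuple

Finding = namedtuple("Finding", "time user reason expected")

# Windows records a cleared log as event 1102 (Security) or 104 (System).
CLEAR_EVENTS = {("Security", 1102), ("System", 104)}
# Sysmon event 13 (registry value set) exposes edits to log settings, assuming
# the Sysmon configuration monitors the EventLog service key.
SYSMON_LOG, SYSMON_REG_SET = "Microsoft-Windows-Sysmon/Operational", 13
EVENTLOG_KEY = "\\services\\eventlog\\"
WATCHED_VALUES = ("\\maxsize", "\\retention", "\\autobackuplogfiles")

def find_log_tampering(events, approved_users=frozenset()):
    """Return a Finding for every log clear or log size/retention change."""
    findings = []
    for ev in events:
        if (ev["log"], ev["event_id"]) in CLEAR_EVENTS:
            reason = ev["log"] + " log cleared"
        elif (ev["log"], ev["event_id"]) == (SYSMON_LOG, SYSMON_REG_SET):
            target = ev.get("target", "").lower()
            if EVENTLOG_KEY not in target or not target.endswith(WATCHED_VALUES):
                continue  # registry write unrelated to event log settings
            reason = "log setting changed: " + ev["target"]
        else:
            continue
        # Changes by approved accounts are still reported, marked as expected,
        # so the analyst can match them against a change record.
        expected = ev["user"].lower() in approved_users
        findings.append(Finding(ev["time"], ev["user"], reason, expected))
    return findings

# Constructed sample events (hypothetical field names, users and timestamps).
SAMPLE_EVENTS = [
    {"log": "Security", "event_id": 4624, "time": "2024-05-02T08:01:11Z", "user": "alice"},
    {"log": SYSMON_LOG, "event_id": 13, "time": "2024-05-02T23:40:02Z", "user": "svc-web",
     "target": r"HKLM\System\CurrentControlSet\Services\EventLog\Security\MaxSize"},
    {"log": "Security", "event_id": 1102, "time": "2024-05-02T23:41:37Z", "user": "svc-web"},
    {"log": "System", "event_id": 104, "time": "2024-05-03T02:00:00Z", "user": "log-admin"},
    {"log": SYSMON_LOG, "event_id": 13, "time": "2024-05-03T09:00:00Z", "user": "alice",
     "target": r"HKLM\Software\Example\Setting"},
]

if __name__ == "__main__":
    for f in find_log_tampering(SAMPLE_EVENTS, approved_users={"log-admin"}):
        print(f.time, f.user, f.reason, "expected" if f.expected else "INVESTIGATE")
```

In the sample, the MaxSize change followed a minute later by a Security log clear from the same service account is the pattern worth escalating first.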
Only Use USBs and External Drives You Own
- Do not use USBs or other external devices unless you own them. To avoid infection by malware and viruses, ensure that all external devices either belong to you or come from a reliable source.