6 Steps to Cyber Safety from Peter Cavrell
- Understand Your Risk: Identifying and understanding cybersecurity vulnerabilities is critical because that awareness will lead to a prioritized list of security gaps and is the first step to planning, budgeting, and remediating weaknesses. A risk assessment will identify the assets that could be impacted by a cyber-attack: critical operational and financial data, consumer and employee data, intellectual property, and where that data resides – servers, laptops, and network hardware. An assessment will reveal the risks unauthorized access to those assets could create for the organization. Having a quality assessment is a critical component of cyber safety.
- Training: Training should emphasize the importance of data security and the responsibility of each employee to protect the organization’s data. Cybersecurity must become part of your company’s culture. Remember, both organizations and its employees have legal and regulatory obligations to protect the privacy, integrity, and confidentiality of its data.
- Multifactor Authentication: Multifactor Authentication (MFA), also known as Two Factor Authentication (2FA), requires a user to confirm their identity. With MFA, a user must verify their identity by providing TWO pieces of information, usually a pin and their password.
- High Efficacy Managed Patching: Software patches are a crucial form of protection against cyberattacks because they fix known weaknesses that allow unauthorized access to a company’s devices and network. It’s one of the top attack vectors.
- Endpoint Detection and Response (EDR): EDR is next generation, AI powered, heuristic software installed on an organization’s devices (such as its laptops, desktops, tablets, smartphones, and IoT devices) that monitors behavioral data to detect and respond to cybersecurity threats.
- Managed Backup Strategy and Program: If a cyber incident happens, it is important to be able to restore affected systems and devices with clean, recent, and uncorrupted backup data. Determine what data should be backed up, how often, and how it will be backed up. Make sure to test your backup to ensure it works properly.