in Resources

8 Cyber Security Best Practical Practices

Cyber threats are growing more sophisticated and dangerous, making strong cybersecurity vital for every organization. As both an IT professional and cybersecurity enthusiast, I want to provide a comprehensive guide to cyber defense strategies you can implement to reduce risk and thwart attacks. This article outlines steps to secure your data, systems and operations based on leading industry standards and my experience helping clients improve their security posture.

Use Strong Passwords and Go Beyond with Multifactor Authentication

Weak passwords remain one of the most common entry points for attackers. Here are steps you can take to strengthen access controls:

  • Require employees to use passwords with 12+ characters, combining upper and lowercase letters, numbers and symbols. Set passwords to expire every 60-90 days.
  • Ban common passwords and repetitions of the same character. Maintain a blacklist of the top 100 worst passwords that cannot be used.
  • Enable multifactor authentication (MFA) for remote network access, administrator accounts, email, and any system containing sensitive data.
  • Use a time-based one time passcode (TOTP) app or security key as the second factor when possible for better security than SMS codes.

According to a 2022 Data Breach Investigations Report from Verizon, over 80% of hacking-related breaches involved brute forcing weak credentials. The report also found that enabling MFA blocks over 99% of bulk phishing attacks.

As an IT advisor, I highly recommend implementing the above controls to significantly strengthen access protections.

Maintain Rigorous Patching to Eliminate Exploitable Flaws

Once vulnerabilities in software are discovered, hackers can develop exploits and launch attacks before vendors issue patches. Here‘s how to stay on top of patching:

  • Use a patch management tool to automate deployment of updates across all systems as soon as vendors release them.
  • Catalog all hardware and software assets in a configuration management database (CMDB) to track versions and end-of-life status. Replace unsupported assets.
  • Subscribe to vulnerability notification services to stay informed of new flaws identified by CVEs. Prioritize patching based on severity scores.
  • Conduct periodic vulnerability scanning and penetration testing to find unpatched assets. Have a process to rapidly remediate critical findings.

Statistics show the vast majority of compromises stem from unpatched vulnerabilities. One survey found 78% of security experts believe poorly patched systems are the most likely attack vector. Automating patches and having visibility of assets is essential.

Implement Layered Network Security

While cyber defenses should be multifaceted, securing the network provides major protection against intrusions. Here are some best practices:

  • Use next-generation firewalls and IPS devices to monitor traffic for anomalies and block known attack signatures.
  • Segment the network between zones using VLANs and ACLs. Limit communication between segments to only what is required.
  • Require VPN connections for any remote access and use strong encryption protocols like OpenVPN. Disable split tunneling.
  • Fortify wireless networks with WPA3, MAC filtering, and SSID broadcasting disabled. Use a guest network for BYOD devices.
  • Monitor bandwidth usage patterns for sudden spikes that could indicate an attack.

Adding layers of network access controls provides greater depth of defense. Limiting lateral movement also contains damages if a breach does occur.

Backup Religiously and Verify Recoverability

Having reliable backups can be a lifesaver if ransomware or a disaster strikes. Here are tips to implement robust business continuity protections:

  • Use the 3-2-1 rule – 3 copies, 2 different formats, 1 offsite. Combine onsite incremental, offsite full backups.
  • Store backups offline and immutable when possible. Cybercriminals can‘t infect what they can‘t touch.
  • Perform test restores monthly and after major software/infrastructure changes to confirm backups are working properly.
  • For archival data with long retention requirements, add a cold storage tier for additional isolation.
  • Backup systems, configurations and access control lists in addition to data. These are needed for complete recovery.

My experience has shown that organizations often underinvest in backups until it‘s too late. Having resilient processes with air-gapped copies limits potential damages significantly.

Adopt a Zero Trust Approach to Access Controls

The perimeter-only security model is no longer sufficient with remote work and cloud. Zero trust access principles provide greater data protection:

  • Implement strict least privilege access with role-based controls and separation of duties. Conduct access reviews quarterly.
  • Provide access to only the specific data/systems needed for each user‘s duties – nothing more.
  • Use microsegmentation, software-defined perimeters and application-level controls to enforce on-system protections.
  • Log, monitor and analyze user activity patterns to catch abnormal behavior. Disable inactive accounts after 30 days.

Zero trust focuses on data/assets as the priority, assuming breach likelihood. By hardening internal defenses and logging, damages can be limited if credentials are compromised.

Make Security Training Engaging and Actionable

Employees play a crucial role in prevention and response. Make training interactive and role-relevant:

  • Use real examples of past breaches at other companies to illustrate risks. Tie lessons back to your organization‘s data.
  • Incorporate hands-on elements like simulated phishing emails to keep audiences engaged. Measure susceptibility rates.
  • Include quick action guides and refreshers on handling data securely, identifying social engineering, and reporting incidents.
  • Require annual training for all employees. New hires should complete security orientation within a month.
  • Develop differentiated training for privileged users like system administrators who pose greater risk.

Studies by Google show even simple training can reduce successful phishing attacks by 60-70%. Creative content delivers messages that stick with users.

Rehearse Incident Response Procedures

To enable smooth breach response execution, be sure to:

  • Document incident response plan with stakeholder contact info, ops procedures, forensics tools, and communications protocols.
  • Maintain emergency contact info for police, regulators, cyber insurers, IT providers, PR, and legal counsel.
  • Identify critical assets and tiered recovery time objectives for prioritizing restoration.
  • Test via tabletop exercises at least annually. Identify plan gaps and document lessons learned.
  • Expand cloud logging and monitoring capabilities to improve detection and response workflows.

Practice makes perfect – rehearsing and testing plans builds muscle memory. Critiquing then strengthening plans based on findings enables continuous improvement.

Explore Cyber Insurance to Transfer Risk

While cyber insurance should not replace security best practices, it provides helpful risk transfer:

  • Policies can cover costs like legal, forensics, notification and credit monitoring, rebuilding systems, PR, and business interruption.
  • Ransomware attack payments may be covered up to a sublimit, but never recommended.
  • Insurance can offset costs of third party lawsuits related to data compromise or outages.
  • Carriers mandate certain controls and precautions be in place to even qualify for coverage.

According to Ponemon Institute research, having cyber insurance reduces the average cost of a data breach by over $200,000. But not all policies are equal – understand exclusions and sublimits.

Stay Vigilant via Assessments and Threat Monitoring

Finally, ongoing security maintenance activities help identify and address gaps:

  • Perform vulnerability scans and penetration testing every quarter to surface patchable flaws.
  • Conduct phishing simulations and access review audits semiannually. Tweak awareness training based on findings.
  • Complete risk assessments whenever systems or buildings change to identify safety impacts.
  • Participate in cyber intel sharing programs to stay on top of new attack techniques, campaigns and adversaries.
  • Designate IT staff to monitor emerging cyber threats, vulnerabilities and security vendor alerts.
  • Discuss cyber trends, regulatory changes and lessons learned during monthly security meetings.

Regular assessments provide health checks while threat monitoring gives forward-looking insights to get ahead of the next wave of attacks.

Now Go Implement a Resilient Cyber Defense Posture!

I hope this overview has provided you with many actionable ideas to secure your organization‘s sensitive assets. Please reach out if you need any assistance designing and implementing cybersecurity solutions customized to your unique risks. With strong defenses and preparations in place, your company can operate confidently while repelling the growing tide of cyber threats. Here‘s to staying secure!

AlexisKestler

Written by Alexis Kestler

A female web designer and programmer - Now is a 36-year IT professional with over 15 years of experience living in NorCal. I enjoy keeping my feet wet in the world of technology through reading, working, and researching topics that pique my interest.