7 Questions to Assess Your Cybersecurity Readiness
Most of us are aware of the ever present threat of hackers and cybercrime. The news has been littered with stories of companies large and small who have fallen prey to the very sophisticated world of hacking and information theft.
In the book, Future Crimes by Marc Goodman, he writes “The more we plug our devices and our lives into the global information grid—whether via mobile phones, social networks, elevators, or self-driving cars – the more vulnerable we become to those who know how the underlying technologies work and how to exploit them to their advantage and to the detriment of the common man. Simply stated, when everything is connected, everyone is vulnerable.”
Many of us are aware of our vulnerability, but do we take it seriously? And, are we taking the right actions to reduce our likelihood of a compromise? Though the threat seems enormous, our reaction seems almost detached. Maybe it is because the threat is unseen or because it seems there is little we can do to prevent it. In fact, there are many actions we can take to prevent or reduce our likelihood of falling prey to cybercrime. Ask yourself these questions to understand your situation.
- What am I protecting? This question is somewhat revealing, and everyone sees it differently. Maybe you are protecting trade secrets, or even information that directly impacts national security. More likely you are protecting the personal information of your employees, your customers, or yourself. And, even if you don’t store that on your network, you are most certainly protecting your reputation. What would it mean if you were hacked and it made the news that the personal information of your employees was exploited? Even if you don’t store this kind of information, what would it mean to your business if your systems were hacked and used to hack others, or to serve out passwords or porn?
- Am I a target? The unfortunate truth is that though some of us are a bigger target than others, everyone is an indiscriminate target of malicious code developed by hackers. This code infiltrates our business networks with a single click of a mouse, the opening of an email, or the loading of a web page. There is no way to avoid being a target, except to stay disconnected from the web, which for pretty much all of us is not an option. Most of us have asked and answered this question some time ago. It has really become a statement of readiness: recognize that you are a target and act accordingly.
- Where is the information I need to protect? This seems like an easy question, but in reality it is not. If you hold personally identifiable information (PII), it can often be scattered all over your network. I heard a recent story of an accounting firm that unwittingly had credit card numbers in various places on their servers and PCs. These card numbers were discovered by a network scan that we use to find PII. The scan identified thousands of numbers; however, the accounting firm did not even take credit cards as a form of payment. After digging deeper, they discovered that the QuickBooks files they were downloading from clients to help do their books had thousands of embedded card numbers in them, simply because their clients did accept credit cards. Identifying PII and taking the right measures is key to protecting yourself.
- What compliance requirements might I be under? Depending on your industry, you might be fully aware of what the requirements are. However, many don’t realize that if you hold any health information, even that of your employees, you fall under HIPAA privacy rules. And if you hold credit card numbers, PCI compliance comes into play. Sometimes companies like law offices hold information from their clients that makes them fall under compliance rules. For instance, the law firm in a personal injury suit stores all sorts of health information, making it necessary for them to follow HIPAA regulations. You may fall under the same compliance requirements as your clients if you are storing personal information sent by them.
- Am I actively training my team? There is a heightened need for awareness from anyone in your company who uses technology. We are just finishing up ransomware cleanup today for one of our clients who had many of their files locked by a nasty crypto strain. It cost them hours of productivity and cost us hours of time, because it made it through many of the safeguards that are in place and into a user’s inbox. This user chose to open the message, an action which should have been avoidable with the proper training to recognize and avoid these types of messages. People are the new perimeter, and we should focus our attention on helping that perimeter make educated choices about what is safe.
- Will I recognize a breach or cyberattack? This is a harder question than it seems. Hackers are creating stealthy code that often goes unrecognized, and who knows what the next strain of malware may be able to do. The real question is: will I be able to identify the signs that my network has been penetrated? For instance, the signs of ransomware are quickly evident. Files become inaccessible because they are encrypted; however, many don’t react to this quickly enough. With ransomware, acting quickly saves lots of time and grief. Other breaches may be detected by reviewing certain log files or by recognizing symptoms. The key is to be aware, have someone doing the proper reviews, have the right alerting software, and have the right team of individuals in place who know how to take the proper action.
- Have I implemented the right preventative measures, tools, and procedures to protect myself? Yesterday’s security 1.0 is no longer good enough. Stepping up to security 2.0 is necessary to stay safe in today’s environment. Encrypting data at rest and in transit is important. Evaluating log files from servers, firewalls, and other devices on an active basis is necessary in many environments. New scans of the Dark Web to periodically see if you have been compromised can be helpful, and even reveal serious breaches. Filtering outbound browsing of your internal employees may be valuable. Scanning your network to find where credit card numbers, social security numbers, bank routing numbers, and other PII reside may also help you protect yourself. All of these things and more are part of the new security.
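The PII discovery scan mentioned above (the one that found card numbers hidden in the accounting firm's QuickBooks files, and the network scan for card and social security numbers in the last question) can be approximated in a few lines. The following is an added example, not CTaccess's scanning tool: it finds candidate card numbers and SSN-shaped strings in text, keeps only those that pass the Luhn check or the Social Security Administration's structural rules, and reports them masked so the report itself does not become another copy of the data. The sample text and all numbers in it are constructed (the card numbers are well-known test numbers, not real accounts).

```python
import re
from typing import Dict, List

# Candidate payment card number: 13 to 19 digits, optionally split by single spaces or dashes.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
# SSN-shaped string: AAA-GG-SSSS with no digit immediately before or after.
SSN_RE = re.compile(r"(?<!\d)(\d{3})-(\d{2})-(\d{4})(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Luhn mod-10 check used by payment card numbers; cuts most random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2
            if d > 9:
                d -= 9          # same as summing the two digits of the product
        total += d
    return total % 10 == 0


def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """Reject SSNs the SSA never issues: area 000, 666 or 900-999, group 00, serial 0000."""
    a = int(area)
    return a not in (0, 666) and a < 900 and group != "00" and serial != "0000"


def mask(digits: str) -> str:
    """Keep only the last four digits so the finding can be triaged without re-exposing the value."""
    return "*" * (len(digits) - 4) + digits[-4:]


def scan_text(text: str) -> Dict[str, List[str]]:
    """Return masked card numbers and SSNs found in text, keyed by type, in order of appearance."""
    found: Dict[str, List[str]] = {"card": [], "ssn": []}
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_valid(digits):          # Luhn filters invoice and order numbers, but not every false positive
            found["card"].append(mask(digits))
    for m in SSN_RE.finditer(text):
        if ssn_plausible(*m.groups()):
            found["ssn"].append(mask("".join(m.groups())))
    return found


# Constructed sample text standing in for a client file; none of these values are real data.
SAMPLE = """Client invoice 1234 5678 9012 3456 paid by card 4111 1111 1111 1111.
Backup card 5500-0000-0000-0004 on file. Order ref 78901234567890.
Employee SSN 123-45-6789; the bogus 000-12-3456 must be skipped."""

if __name__ == "__main__":
    for kind, hits in scan_text(SAMPLE).items():
        print(f"{kind}: {len(hits)} found -> {hits}")
```

Run it over exported documents or mailbox archives and the hit list tells you where PII lives before an attacker finds it; a scan of the firm's QuickBooks exports would have surfaced the embedded card numbers in the story above.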
Whether you are a small business in rural Wisconsin or a Fortune 500 organization, you are a target of the present and growing wave of cybercrime. The enemy is organized, intelligent, and highly motivated to exploit your information and IT resources for their profit. Though the enemy may seem formidable, there are appropriate steps to take to put your company in a better position to win!
Scott Hirschfeld is the President of CTaccess, a Brookfield IT support company that has been helping businesses stop focusing on IT and get back to doing business since 1990. Under his leadership CTaccess provides the business-minded approach of larger IT companies with the personalized touch of the smaller ones. Connect with Scott on LinkedIn.