Part 2 of 2
Having a cybersecurity toolkit for your small business will ensure that you are prepared for any cyber attack or breach.
Cybersecurity is one of the top considerations and should be considered part of the cost of doing business. Small companies are often left out with little or no information, abilities, or resources to protect their investments. Implementing best cybersecurity practices can be a challenge for most small companies, however, organising system-wide actions can save time, money, and a company’s reputation against cyberattacks. Creating a cyber readiness culture means that everyone in the company must be educated and on board with the information and plans of response in the event that a breach or attack is detected.
Your Sensitive Data
Every business has intellectual property that is the basis for which you have built a company. Ensuring that the data is protected is of the highest priority. They should be aware of where the data is stored and processed as well as any/all information that is transmitted. Managers should be an integral part of contingency plans involving data system recovery in the event of a system problem and confirming single and multiple backup locations.
Service Providers and IT Professionals should not only be aware of but maintain updated information on all areas of the system:
- Know what data resides on the network and where and maintain consistent inventories of all sensitive and/or critical information.
- Create a standard procedure of regular automated backups and design key system redundancy.
- Know the methods that protect the data including physical security, offline copies, and encryption.
- Enhance the system with malware protection.
- Maintain constant updates on all security software.
- Monitor and manage the status of the network and any peripheral components including host and device, user activities, and data-at-rest and in-transit.
Response to Compromise
Have a response/recovery strategy in the case of a system attack and/or compromise. Fast and efficient response by all staff responsible will reduce risks.
Management and Supervisors must focus on damage limitations and plans to return operations to normal status as quickly as possible. The strategy must be set in place before there are any compromises so that they can prepare and plan for it, conduct potential cyberattack drills, and corresponding actions. Reaction to a compromise is time-sensitive and needs to be addressed immediately to reduce system failures. All staff must be trained so that they know the procedures, who to communicate with and report to during a potential cyberattack.
Service providers and IT Professionals will often be at the heart of any cybersecurity problem. Their readiness can make or break any return to normal business and any loss of critical data.
- Have a relationship with a professional cybersecurity company to assist in the development of risk analysis, response to an incident, and disaster recovery plan in place. The plan must outline all responsibilities, contact levels, and roles and be consistently tested.
- Have an emergency contact list of all individuals and organisations to contact for help including vendors, outside partners, law enforcement, industry responders.
- Identify which systems require priority recovery to assist in business impact.
- Create an internal reporting structure for detecting, reporting, and communicating to reduce any attack crisis.
- Have actions ready to put in place in-house to limit or contain any cyberattack impact.
The Order of Bringing System Back Online
There should be an organisational list of what to do in case of a system breach or cyberattack that may have affected your system or network. All staff members should be alerted as to who is responsible and the communication methods and check-off areas of each step.
Data Backup: It’s recommended that all companies have multiple, continuous, and separate backups for their systems. In this way, if one backup has been breached during an attack there will be alternates to rely on.
The use of Multi-factor authorisation will reduce if not eliminate any unauthorised attempts at system access. Administrative privileges should be limited and all remote, as well as standard users, monitored.
Replace all operating systems, hardware and software that are unsupported or old. Deploy automated updates and test any patches quickly.
“Da Vinci Forensics has a team of professionals that will work with small businesses, the IT staff and all employees to educate, monitor, and accomplish risk analysis. We are available as a partner to assist in case of a crisis or breach and help the IT department members so that they can safely and securely bring a network back online.”
Da Vinci Forensics
Source:
Image by Markus Spiske
CISA.gov