October is Cyber Security Awareness Month and although we always encourage cyber security awareness year round, it’s a time when we encourage a new focus on cyber security.
If you look at the news from anywhere around the globe, you see breach after breach. It impacts every business vertical, most government organizations, and impacts consumers via tax fraud, identity theft, user credential harvesting, and worse, online child predators. The U.S. Department of Homeland Security has a ‘Stop, Think, Connect’ campaign which offers sage advice on what we should and shouldn’t do when connecting to the Internet.
Here are some simple recommendations for businesses and governments to review and ensure they’re practicing all year round.
- Do you have an Incident Response Plan? Do you practice it? Is it updated yearly?
- Do you review your security architecture to ensure its viable against todays threats?
- Do you hunt for cyber attacker activity inside your environment?
- Do you conduct regular vulnerability assessments?
- Are you monitoring for advanced threats?
- Are you training your user populations?
- Have you considered gamification for your user security program?
The list could go on and on, but these are a few simple practices to ensure your cyber security environment is evolving as the cyber attackers advance their tactics to successfully breach your systems. If you need additional assistance, there are many government organizations and non-profits focused on helping government(s) and businesses alike to secure their enterprises.
Whether you’re part of the Critical Infrastructure or not, a good starting place to create a more secure business is here.
If you’re part of a government organization another good starting point is also at NIST, where their Security and Privacy Controls can help you put in place proper security controls.
The Center for Internet Security also monitors and updates the Top Twenty Critical Security Controls, which can help your organization start to minimize your exposure to security threats.
This month is a reminder that it’s important to focus your efforts on securing your enterprise as security experts globally continue to see and report on cyber attacks emanating from organized crime, nation-states, hactivists, and terrorists. This problem continues to spread and isn’t going away any time soon. Since our problem is adversary related, it means we must constantly be vigilant. FireEye can also help you through this sometimes difficult and complex process to strengthen your security and minimize the potential impacts of breaches. Just remember that although this is Cyber Security Awareness Month, it doesn’t mean the adversaries are taking the eleven other months off for vacation.