In the current scenario, companies should evaluate their security programs with the understanding that regardless of the amount of firewalls and network controls, the risk of internal threat it will always be there, and this is many times greater than the external threat.
In light of the current threat landscape, which is constantly evolving and growing, in addition to new technologies such as Internet of Things (IoT), Bring You Own Device (BYOD) and the growing remote work scenarios, one thing is clear: the strength of an organization's cybersecurity depends on implemented internal good practices.
It is increasingly important for organizations to keep in mind: how they are effectively prioritizing cybersecurity
Some minimum strategic measures that must be implemented:
- Apply all available patches immediately and stay up to date on your software in use. If there are no more patches available, stop using the software or operating system in question.
- Segment your networks internal to isolate any infection by malware or attack that may arise.
- Perform regular social engineering tests on your employees to actively demonstrate what improvements and training is needed. It is important to ensure that your employees are aware of how online behavior can make them more vulnerable.
- Perform regular network penetration tests to identify flaws and vulnerabilities in your corporate networks. If you don't have the talent internally, hire a third-party security company to do this. See more about it on here
- Know your main assets, including the data. What are the most important data points integrated into your business and how do they need to be protected?
- Incorporate Threat Intelligence for a proactive approach to find the types of threats relevant to your company based on industry and company size.
- Have continuous monitoring of your main assets and systems, know what happens to your data and who accesses it. See more about it on here
- Ensure that your organization has a robust cyber insurance policy so that even if a breach occurs, business continuity can be maintained.
- Implement the right tools, processes and technology - based on your company's needs. There is no single solution to cybersecurity. Use a framework customized for that.
- Stay ahead of the curve by subscribing to cybersecurity news, industry updates and threat notices.
With the growing threat of cybercrime right now companies must do their part by instituting a strong cybernetic practice.
Have one reactive positioning at that time will delay recovery, it will increase response costs and place significant pressure, further aggravating the disruptive effects of the current crisis.
Understand and plan the main business impacts you may face is an important first step, so senior management needs to be a driving force to integrate security into the company's culture so that employees understand their priority.
Companies must take advantage of the current moment to TO REVIEW their resilience and crisis response strategies and PLANNING ACTIONS to be well prepared for the potential impacts of this pandemic.
Safeway can help you right now. Talk to one of our experts.
* Umberto Rosti is founder and Chairman of Safeway
SAFEWAY is an Information Security consulting company, recognized by its clients for offering high value added solutions through projects that fully meet business needs. During these years of experience, we have proudly accumulated several successful projects that have earned us credibility and prominence in our clients, which constitute in large part the 100 largest companies in Brazil.