In the current era of global uncertainty and heightened geopolitical tensions, cybersecurity is becoming more important than ever writes Eric Rueda, EMEA: Digital Hub Operations Manager, Eaton.
In the wake of the war in Ukraine, cyberattacks are again on the rise, with Estonia experiencing its most extensive attacks since 2007, Finland’s parliament being targeted, and Montenegro’s critical infrastructure compromised – not to mention the Conti ransomware or the activities of the Lapsus$ hacker group, both of which have been affecting companies and government agencies around the world.
These incidents emphasise the need to be vigilant and take appropriate preventive and protective measures to ensure business continuity – while cyberattacks cannot be predicted, they don’t come out of nowhere, either. In many cases, their success is due to vulnerabilities that can be identified and prevented. Therefore, companies and other organisations should continuously review their defences and incorporate cybersecurity best practices into every aspect of their operations.
Seven questions to ask yourself
To make sure you’re applying these best practices, and that you’re doing so properly, ask yourself the following seven questions:
-
- Are you backing up all critical information? Ideally, a full back-up should be performed every week, which should then be stored offline – and don’t forget to test your ability to deploy back-ups in the event of an incident.
- Has your organisation conducted a cybersecurity risk analysis? If you don’t know what risks you may be susceptible to, it’s difficult to plan for all eventualities. It therefore makes sense to carry out periodic system audits in line with established international and local standards and regulations. Anytime a change is made to your infrastructure or configuration, a possible vulnerability is created. This is why it’s important to trace all modifications and to run an extensive risk analysis that takes these into account – on an annual basis, if possible.
- Are you training your staff on cybersecurity best practices? Given that most successful attacks are not based on sophisticated technical methods but on social engineering, phishing or other forms of exploitation of human weakness, security training is absolutely crucial. At the same time, system users should only receive as much access as they need to perform their functions, as this limits the actions hackers can take if a particular set of credentials is compromised.
- Do you regularly scan your systems and networks for vulnerabilities? One of the simplest ways to prevent an attack is to implement timely and regular patching of applications and systems – and to perform updates as soon as they become available.
- Have you implemented application whitelisting? Reducing the number of programs and software running on your networks is a straightforward way to limit vulnerabilities. A whitelist stipulates which applications and application components (such as libraries, cookies or configuration files) are permitted, including rules for their use.
- Would your organisation be able to sustain its operations in case of an attack, and if so, for how long? Ransomware attacks like those perpetrated by the Conti Group provide a good opportunity to review and put into action your business continuity plans – and not just on paper. It’s best to test them thoroughly to ensure they operate as planned when attackers actually strike.
- Have you tested how your security measures would perform in the event of a real attack? Such penetration testing is essential to determine the robustness of your defences. To reduce the impact of a breach, critical information systems should be segmented into different security zones; at a minimum, a three-tiered architecture is recommended – much like a mediaeval castle with various moats and walls, rather than a single line of defence. Other steps you should take include making sure that your configurations are secure, that network sensors have been installed and that your architecture and security systems support incident detection and isolation.
These practices have been shown to be effective in countering a wide range of cybersecurity threats – according to the U.S. Department of Homeland Security, for instance, they can prevent up to 85 per cent of targeted attacks. And while some of these may seem obvious, they’re not being implemented fully across every organisation, which is why it’s always useful to reiterate them.
Cybersecurity is always evolving, requiring constant attention, periodic reviews of the efficacy of existing measures and policies, and regular system upgrades and patches – after all, hackers don’t tire of finding vulnerabilities to develop “exploits” that will allow them to wreak havoc in your systems, so don’t lend them a hand by being negligent.
For more, see: https://www.eaton.com/gb/en-gb/catalog/services/cybersecurity-services1.html
Read More:
Thought Leadership: Making education fun — A school of thought
We’re Asking You To Sweat: An Interview with Jason Van Der Merwe, Europe Engineering Lead at Strava