Data Protection: Protecting Your Most Valuable Asset

As discussed previously, cyber breaches have been on the rise over the last few years, especially among smaller businesses. The cause seems to be inadequate cyber security or inadequate resources to address the growing threat of cyber breach. In fact, 43% of cyber-attacks worldwide last year were against small businesses with fewer than 250 workers. Additionally, the average cost of ransomware attacks is approximately $840,000, not to mention damage to corporate reputation in the marketplace.

Data Protection Trend Shifts

There have been various shifts in trends for data protection as outlined below:

  • From innocent actions of employees to calculated malicious actions of cyber actors
  • From revenge attacks to revenue-generating ransomware
  • From practical storage of data for business use to required safekeeping for compliance

So, where are the holes that need to be filled in your security fabric? How can you know at what level you may be vulnerable? The best answer is to have periodic security audits. Through these audits, or assessments, each layer of security is tested and monitored for indicators of cyber threat. Let’s review the layers of security and the questions that should be asked during/after an assessment:

Layers of Security

People. Personnel behavior is a function of both knowledge of technology and company policy. An assessment may reveal where employee education is lacking in both use of the technology and the policy guidelines under which they are expected to operate.

Perimeter. Are critical company assets kept “under lock and key” with limited access by appropriate personnel only? Are the assets in a conditioned environment suitable for operation during normal business hours?

Endpoint Protection. Are all devices, primarily servers and workstations, protected from cyber breach by appropriate cybersecurity software? Is the software up to date with the latest available patch or fix?

Networks. Are the networks protected from intrusion by appropriate firewalls and software? Are they monitored for anomalies in incoming and outgoing traffic? If detected, do they alert, or do they trigger activity from a Security Operations Center (SOC)?

Application layer. Has an appropriate security model been established within each application and vetted properly to demonstrate that only appropriate access has been given to the appropriate personnel for each functional role?

Data security layer. Has a security model been established for files and folders, to limit access to only those for which it has been designated? (Active Directory/NTFS permissions)

Mission Critical Assets. Have the critical assets (hardware, software, and facilities) required to operate the business been identified? Has a plan been developed for recovery of operations in the event of unplanned outages?

The best method of protection to ensure all layers are addressed properly is to perform the Cybersecurity Core:

Patch Management. Operating systems, application “bug” fixes

Security Updates. Releases from security providers that update protection against the most current threats

Business Firewalls. Limit which IP addresses are allowed to send traffic on the internal network

Secure Access. Controlling what users have access to on the network based on functional roles

Back-ups. Routine, targeted backups of business-critical data and applications

Encryption. Securing data so that it cannot be read if intercepted by malicious actors

Monitoring. Regular, routine monitoring of the network and alerting on traffic anomalies

Endpoint Security. Identifying and blocking network traffic recognized as malicious

After this, follow the cybersecurity essentials checklist: end-user self-assessment; DNS filtering; regular cybersecurity assessments (quarterly); end-user awareness training and testing; monthly dark web monitoring; and basic cybersecurity policies (annual review).

By performing security audits and ensuring that the core elements of cybersecurity are working in conjunction with the essential elements, a business can build confidence that its security posture is intact and performing as designed.
