Six considerations to strengthen your cybersecurity program in 2022
With any change to an organization’s technology posture come new opportunities for attackers to infiltrate this new environment. As witnessed in 2021’s Colonial Pipeline attack, hackers continue to take advantage of new vulnerabilities created by the digital-first environment.
Wondering what to expect as we continue into 2022? Here are six areas you should focus on to help strengthen your organization’s cybersecurity program and avoid becoming a victim of your own circumstances.
1. Assess the technical expertise you have to address your cybersecurity risks
Every organization has, or should have, a supporting cast of personnel and vendors to support its IT needs, but how often are you reevaluating these individuals to support your current and future technology plans? An organization’s resources and/or managed IT services should be adequately trained to address current cybersecurity threats.
An established training program should be tailored to your personnel to provide the level of training needed to support your current technology as well as future needs. When utilizing a managed service provider, organizations should assess contractual obligations in support of their cyber needs and determine the level of effort made by the vendor for staying ahead of the skills gap for emerging cyberthreats.
2. Execute your incident response plans
Your organization has developed a formal incident response plan (IRP) and reviewed it against changes within your environment, but does the plan actually work? One of the most important components of your IRP is testing of your plan. Performing a tabletop exercise with key personnel will ensure: (1) stakeholders understand their responsibilities in the event of an incident, and (2) data recovery and related incident plans are updated to accommodate new systems and business processes.
3. Consider the effects of a cybersecurity event from your supply chain or vendor support
Attack vectors come from all different angles and preferably through the path of least resistance. Even the SolarWinds attack in 2020 was identified through SolarWinds’ supply chain. This means that if your vendors have access into your organization’s data or technology, then their incident response strategies are just as important as your own. By reviewing the cybersecurity programs of your vendors with access to critical data, your organization can remain aware of their response strategies in the event of a cyberattack. Understanding this information can help organizations work in close liaison with vendors to mitigate the impact of cyberattacks.
4. Focus on security updates for your information technology and critical systems
A vulnerability management program is a crucial component of your overall cybersecurity program. With many organizations having added new systems and tools to support their business, proper due diligence is essential to both legacy and new systems. Such due diligence includes reevaluating plans for deploying security updates, performing a vulnerability evaluation prior to going into production, and ongoing vulnerability evaluations for both legacy and new systems.
5. Make sure personnel training programs reflect the current risk environment
With the adoption of hybrid and remote working conditions, personnel remain one of the most important lines of defense against cybersecurity threats. Your cybersecurity training and awareness program is now, more than ever, critical for all personnel, including senior management and board members. Is your training program up to date to include current cyberthreats being faced?
Solutions such as multifactor authentication (MFA) protocols are not a one-size-fits-all approach as not all systems are capable of such configurations. Therefore, reminding users to be diligent when creating passwords and/or passphrases and carefully consider password length, age, and complexity, organizations can gain comfort that their personnel are upholding the security against attack vectors they may face.
6. Communicate changes in your cybersecurity program
The responsibilities of one’s cybersecurity program are pervasive throughout the entire organization. After an extended period of record turnover, organizations are facing new challenges when it comes to communication channels and accountability for cybersecurity responsibilities.
Your company’s personnel profile is not the same as it was in 2020 or even 2021. What control activities were updated as a result, and did you inform personnel who may have inherited these responsibilities? Further, how are you ensuring ownership and accountability over personnel responsible for these control activities? Establishing and reviewing formal communication channels among personnel relevant to your cybersecurity program can ease the impact your organization may be facing due to the increase in staff turnover.
No one can predict what 2022 will hold for us, but we can learn from the circumstances that brought us here, and there’s no better time than now to review your cybersecurity program. Organizations need to stay diligent when performing regular assessments to ensure they’re are staying up to date when addressing cybersecurity risks.
For those who have reviewed their cybersecurity program recently, considerations such as those listed above will help solidify your plans for ensuring adequate protection and response strategies are in place to protect against ever-evolving and increasingly dangerous cyberthreats.