Six considerations to strengthen your cybersecurity program right now
As the saying goes, change is inevitable. Since 2020, organizations have transformed the way they conduct business activities, with a majority of organizations increasing their digital presence through the adoption of new tools and technologies, including expansion of remote work and increased dependence on cloud-based technologies.
With any change to an organization’s technology posture come new opportunities for attackers. The 2021 Colonial Pipeline attack is a case in point: it began with a compromised password for a VPN account that had no multifactor authentication, a gap that the rush to remote access left unaddressed. Attackers continue to take advantage of the weaknesses a digital-first environment introduces.
Wondering where to start? Here are six areas you should focus on to help strengthen your organization’s cybersecurity program and avoid becoming a victim of your own circumstances.
1. Assess the technical expertise you have to address your cybersecurity risks.
Every organization has, or should have, a supporting cast of personnel and vendors for its IT needs, but how often do you reevaluate whether those people and providers can support your current and future technology plans? In-house staff and managed IT service providers alike should be adequately trained to address current cybersecurity threats.
An established training program should be tailored to your personnel to provide the level of training needed to support your current technology as well as future needs. When utilizing a managed service provider, organizations should assess contractual obligations in support of their cyber needs and determine the level of effort made by the vendor for staying ahead of the skills gap for emerging cyberthreats. Get the experts on-hand (most likely via a retainer) before you need them, especially those who specialize in cyber forensics and incident response coordination.
2. Execute your incident response plans.
Your organization has developed a formal incident response plan (IRP) and reviewed it against changes within your environment, but does the plan actually work? Testing is one of the most important components of your IRP. Performing a tabletop exercise with key personnel helps ensure that (1) stakeholders understand their responsibilities in the event of an incident, and (2) data recovery and related incident plans are updated to accommodate new systems and business processes. Include the outside experts you have on retainer or under on-demand service agreements in the tabletop exercise, so that the first time you work with them is not during a real incident.
3. Consider the effects of a cybersecurity event from your supply chain or vendor support.
Attack vectors come from all angles, and attackers prefer the path of least resistance. Even the January 2022 intrusion at Okta was initiated through a third party: a laptop belonging to an engineer at one of Okta’s customer support contractors. This means that if your vendors have access to your organization’s data or technology, their incident response strategies are just as important as your own. By reviewing the cybersecurity programs of vendors with access to critical data, your organization can understand how they will respond to a cyberattack and work closely with them to mitigate its impact.
4. Focus on security updates for your information technology and critical systems.
A vulnerability management program is a crucial component of your overall cybersecurity program. With many organizations having added new systems and tools to support their business, proper due diligence is essential for both legacy and new systems. Such due diligence includes reevaluating plans for deploying security updates, performing a vulnerability evaluation before a system goes into production, and ongoing vulnerability evaluations for both legacy and new systems, with remediation prioritized by whether a vulnerability is reachable from the internet and known to be exploited rather than by severity score alone. Focus on your new workplace environment: with many organizations having hybrid workforces, consider the threat landscape and address the new risks in your current environment. Consider additional network-layer controls or moving toward a zero-trust network model.
5. Make sure personnel training programs reflect the current risk environment.
With the adoption of hybrid and remote working conditions, personnel remain one of the most important lines of defense against cybersecurity threats. Your cybersecurity training and awareness program is now, more than ever, critical for all personnel, including senior management and board members. Is your training program up to date to include current cyberthreats being faced?
Multifactor authentication (MFA) should be enforced everywhere it is supported, especially on remote access and administrative accounts, but it is not a one-size-fits-all solution, because not every system can be configured for it. Where a password remains the only factor, its strength matters. Current guidance (NIST SP 800-63B) favors length over composition rules and advises screening new passwords against lists of known-breached passwords, and it recommends forcing a change only when compromise is suspected rather than on a fixed schedule, since mandatory periodic rotation tends to produce predictable variations. Training users on these points, and enforcing them in the systems that accept passwords, gives organizations reasonable assurance that personnel are holding the line against the attack vectors they face.
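The password-acceptance rules described above, as an added example that is not code from the original article: length limits, screening against a breached-password list by SHA-1 digest (the lookup style used by the Have I Been Pwned Pwned Passwords corpus), and rejection of passwords containing user-specific values, with no composition rules and no expiry check. The breached list here is a small constructed sample, and the 12-character minimum is an assumed organizational setting (SP 800-63B requires at least 8).

```python
"""Password acceptance check in the style of NIST SP 800-63B.

Added example, not the article's own code. The breached-password list is a
constructed sample standing in for a real corpus such as Have I Been Pwned's
Pwned Passwords, which is likewise consulted by SHA-1 digest.
"""
import hashlib
import unicodedata
from typing import Iterable, Tuple

# Constructed sample of breached passwords (stand-in for a real corpus).
# "Welcome2Acme!" satisfies a typical complexity rule yet is breached,
# which is why the check screens against a list instead of counting symbols.
_CONSTRUCTED_BREACHED = ["password", "123456", "qwerty", "letmein", "Welcome2Acme!"]
BREACHED_SHA1 = {
    hashlib.sha1(p.encode("utf-8")).hexdigest().upper() for p in _CONSTRUCTED_BREACHED
}

MIN_LENGTH = 12  # assumption: organizational setting; 800-63B minimum is 8
MAX_LENGTH = 64  # 800-63B: accept at least 64 characters


def normalize(password: str) -> str:
    """Unicode NFKC normalization so visually identical inputs compare equal."""
    return unicodedata.normalize("NFKC", password)


def sha1_hex(password: str) -> str:
    """Upper-case hex SHA-1 of the normalized password, matching the list format."""
    return hashlib.sha1(normalize(password).encode("utf-8")).hexdigest().upper()


def check_password(password: str, user_context: Iterable[str] = ()) -> Tuple[bool, str]:
    """Return (accepted, reason).

    user_context holds values such as the username or company name that the
    password must not contain.
    """
    pw = normalize(password)
    if len(pw) < MIN_LENGTH:
        return False, f"shorter than {MIN_LENGTH} characters"
    if len(pw) > MAX_LENGTH:
        return False, f"longer than {MAX_LENGTH} characters"
    if sha1_hex(pw) in BREACHED_SHA1:
        return False, "appears in breached-password list"
    lowered = pw.lower()
    for ctx in user_context:
        if ctx and ctx.lower() in lowered:
            return False, f"contains user-specific value {ctx!r}"
    # Reject trivially repetitive strings such as "aaaaaaaaaaaa" or "abababababab".
    if len(set(lowered)) <= 2:
        return False, "repetitive characters"
    return True, "accepted"


def rotation_required(compromise_suspected: bool, days_since_set: int) -> bool:
    """800-63B: rotate on evidence of compromise, not on a calendar.

    days_since_set is accepted so callers with legacy expiry logic can see that
    it is deliberately ignored here.
    """
    del days_since_set
    return compromise_suspected


if __name__ == "__main__":
    for candidate in ["Welcome2Acme!", "correct horse battery staple", "short1!"]:
        print(candidate, "->", check_password(candidate, ("jsmith",)))
```

The same `sha1_hex` lookup can be run against existing accounts at login time to catch passwords that were acceptable when set but have since appeared in a breach; that, rather than a fixed age, is the trigger for a forced reset.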
6. Communicate changes in your cybersecurity program.
Responsibility for the cybersecurity program is spread throughout the entire organization. After an extended period of record turnover, organizations face new challenges in maintaining communication channels and accountability for cybersecurity responsibilities.
Chances are your company’s personnel profile has changed dramatically over the past several years. Which control activities were updated as a result, and did you inform the personnel who inherited those responsibilities? Further, how are you ensuring ownership of, and accountability for, each control activity? Establishing and reviewing formal communication channels among the personnel involved in your cybersecurity program can ease the impact of increased staff turnover.
No one can predict the future, but we can learn from the circumstances that brought us here, and there’s no better time than now to review your cybersecurity program. Organizations need to stay diligent when performing regular assessments to ensure they’re staying up to date when addressing cybersecurity risks.
For those who have reviewed their cybersecurity program recently, considerations such as those listed above will help solidify your plans for ensuring adequate protection and response strategies are in place to protect against ever-evolving and increasingly dangerous cyberthreats.