Being able to navigate the basics of cyber security is more important for organizations than it ever has been before. Organizations are experiencing increasingly distributed digital ecosystems that Gartner highlights as a problem for Security and Risk Management (SRM) leaders, leading to less ability for direct decision-making control.
In fact, 88% of surveyed organizational boards view cyber security as a business risk rather than solely an IT problem. This is significant because, in the past, issues with any type of organizational security were viewed as the IT department's responsibility, with the rest of the organization, especially the executive team, not really seeing the need to be directly involved.
But the truth is that online threats are more prevalent than ever.
According to the most recent Cyber Security Threat Trends report by Cisco, the most active cyber security threats include:
- Cryptomining
- Phishing
- Ransomware
- Trojans
These four types of attacks were used as much as ten times more than other types of attacks. And it's obvious that organizations are taking notice and wanting to protect themselves, as these four threats averaged 100 million searches per month in 2020.
Cyber security has evolved from being viewed as an IT problem to a problem that touches every aspect of an organization, from investors to employees. As consumers are increasingly becoming more tech-savvy, the concept of digital trust, which refers to consumer confidence in the cyber security initiatives of organizations they do business with, is also a concern. It's clear that an effective cyber security framework should be a high priority for every organization.
The first step in securing your organization is understanding cyber security fundamentals, which we'll discuss in this article. These basics help you understand what's needed to create a foundation for protection against online threats for your organization. From there, cyber security best practices and the importance of cyber security training for employees are also discussed.
Basics of Cyber Security
The basic premise behind effective cyber security management is the protection of all files and devices within your organization. This requires a holistic approach that considers all the moving parts of how information moves through an organization, how devices are used, and what precautions should be observed so that the organization's approach to cyber security education is proactive rather than reactive.
Cyber Security Frameworks
When it comes to basic cyber security, organizations can use various frameworks to help them assess, monitor, and mitigate cyber security risks. For example, adhering to the ISO 27001 and 27002 standards for data governance demonstrates that an organization's cyber security program is mature and in working order, while SOC2 compliance focuses specifically on the effective management of client data.
The NIST framework is a good example of a generalized framework because it provides a basic outline of what IT decision-makers should consider when developing a basic cyber security framework for an organization. NIST covers five different areas:
- Identify -involves making a list of all the equipment, software, and devices that are used throughout the organization. From there, determining roles and responsibilities for all stakeholders, including employees, vendors, and anyone else with access to sensitive data, is needed.
- Protect -requires knowing who is logging onto your organization's network, with which devices, and what security measures are in place. Multi-Factor Authentication (MFA), data encryption, security updates, and regular backups should all be in place.
- Detect -continuous monitoring of your organization's network and the systems that are connected to it is important to detect and investigate unusual and unauthorized activities and be able to respond to them as quickly as possible.
- Respond -being able to respond quickly to a potential threat is important. You should have a plan for how customers, employees, and other stakeholders will be notified in the event of a cyber-attack and a plan for getting business operations back to normal functionality as soon as possible.
- Recover -after a cyber attack occurs and has been dealt with, it's important to have a process in place for repairing and restoring equipment, data, devices, and other parts of your organization's network. At the same time, it's important to keep employees and customers informed throughout the recovery process, so a plan for keeping communication consistent and transparent should be implemented as well.
When cyber security is viewed as a holistic responsibility, meaning that everyone in the organization understands that they play an important role in ensuring the organization's digital security, then it's easier to maintain a secure online and offline working environment.
What is Cyber Security Hygiene and Why It's Important
Ensuring that an organization's data and networks are safe and secure requires developing an overall culture that encourages activities that encourage cyber security best practices. These are small but effective actions that every stakeholder, from an employee to an external partner like a vendor or supplier, takes to prevent digital security breaches.
When all stakeholders in an organization have the tools to identify a potential cyber security threat, they can take individual action to prevent a breach. For example, let's say a receptionist receives an email marked urgent from the CEO. But the receptionist knows that the CEO is currently on vacation. That knowledge, combined with taking a few extra steps in verifying the email (e.g., checking the address of links without clicking, verifying the sender's email address, etc.), tells the receptionist that it's possible that the email is a scam. Instead of opening it, the receptionist can simply delete it and continue working. While the whole process may have only taken a minute or two, it's not insignificant: by taking the time to do a few security checks, the receptionist may have prevented a significant breach of security from occurring.
In fact, most successful cyber security attacks are the result of momentary lapses in following basic cyber security best practices or, in other words, user error.
This isn't just limited to non-tech-savvy users; security engineers and IT professionals can also fall victim. This isn't because of willingness but rather due to:
A lack of visibility into endpoint connections in an organization's networkA lack of consistency in monitoring and deploying security patches and updates
Ineffective security configurations with network equipment, software, and devices
A lack of an effective and efficient plan for identifying and responding to potential threats
Of course, this circles back to having an effective cyber security framework in place and getting everyone on the same page with it, regardless of their role in an organization.
Building a culture surrounding best practices for cyber security is especially essential for zero-day security. The term "zero-day" means that security and IT professionals have had zero days to identify and fix an issue. Zero-day is often applied to different cyber security terms depending on the type of issue. The definitions for these different terms are explained in the table below:
Zero Day Definitions
|
Zero-day cyber security term |
Definition |
|
Zero-day vulnerability |
An unknown vulnerability or software flaw that a hacker or threat actor can target with malicious code |
|
Zero-day exploit |
A technique a hacker uses to take advantage of a software flaw or vulnerability to attack a system |
|
Zero-day attack |
A hacker releases malware with the purpose of exploiting the software flaw or vulnerability before it can be fixed |
6 Best Practices in Cyber Security
To keep an organization secure, it's important that cyber security essentials are followed. These include best practices that both security professionals and users should follow, as appropriate:
1. Follow a Cyber Security Framework
When creating a program that observes cyber security basics, it can be overwhelming to start from scratch, especially when you're dealing with a massive organizational network with many moving parts. Following an existing cyber security framework that has been tried and tested is a good bet, as you can iterate on it as needed.
2. Keep Software Up to Date
As hardware and software age and new technologies are released, these older programs and components can become more vulnerable to cyber security attacks. Hackers and scammers can easily exploit older firmware and software because the more time they have with legacy tech, the more exploits they can identify. These vulnerabilities can be patched with regular security updates to prevent unauthorized access.
3. Enable MFA for All Users
Let's face it: usernames can be pretty easy to guess, and users tend to choose easy-to-remember passwords and use the same password for multiple websites. This isn't because they don't care about security but rather because it's difficult to remember multiple passwords. Using additional apps to secure your business, such as LastPass, to create strong passwords that nobody has to remember (they can simply let the app autofill or copy/paste) is a good idea, but enabling MFA is essential as well.
With MFA, an additional verification step is needed upon login, usually through one of the following:
- A mobile authentication app, like Microsoft Authenticator
- SMS
Microsoft's Authenticator app, for instance, usually gets triggered when a user logs into an account from a new device for the first time. When this happens, the user needs to enter a unique code to prove their identity. If the person trying to log in was anyone other than the correct user, then they won't be able to bypass this step and will be unable to log in.
4. Beware of Email Phishing
In terms of cyber security attacks, email phishing is one of the most popular and common ways that cybercriminals attempt to steal sensitive information. By spoofing email addresses and pretending to be reputable individuals, threat actors pretend to be trustworthy to convince a user to click on a link that leads to a phishing website or downloads malware.
The best way to defend against email phishing is through education. Knowing what to look for and developing safe email habits is paramount. The table below outlines some common characteristics of phishing emails that users can look out for:
|
Common phishing email characteristics |
How to respond |
|
Message urgency |
If the message is urgent and claims that you need to click, call, or open an attachment immediately, it's important to resist the urge and take the time to review the email further. |
|
First-time senders |
While it's not always unusual to receive an email from someone outside of your organization, it's important to take extra care and review these emails carefully. Think critically about the contents, and don't be afraid to perform due diligence. For example, a potential client should identify which organization they work for. Do a quick search and see if you can verify its legitimacy. |
|
Bad spelling and grammar |
Obvious spelling or grammatical errors can be indicators of a phishing scam. Using unicode characters that look similar to English letters is another decades-old trick that threat actors use to fool users. |
|
Generic or unprofessional greetings |
While a co-worker might use a simple "hello" to start an email, generic or unprofessional greetings can also signify phishing. Common ones include "dear sir or madam" or "hello dear." If you see an email like this, proceed with caution. |
|
Incorrect or mismatched email domains |
Along the same lines of using Unicode to fool users, some hackers will attempt to fake a legitimate email address with a subtle misspelling or by replacing a letter with a number (e.g., Gnail.com or app1e.ca). Be sure to double-check email domains to ensure they are the real thing. |
|
Suspicious links or attachments |
A hypertext link may display an address, but that doesn't necessarily mean that it's the same address it'll take you to when you click. Hovering over the hyperlink text, long-pressing (if you're using Android), or using a light, long press on Apple will reveal the link. If it doesn't match the text or looks suspicious, such as being a shortened URL or otherwise, don't click it. |
5. Use a Secure File Sharing Solution
File sharing security is paramount for any organization. Data that is in transit or at rest can potentially get into the wrong hands if effective security and access measures are not in place. Aside from using a secure file-sharing solution like Microsoft OneDrive or SharePoint, cyber security basics come into play, including using strong passwords and enabling MFA. Other recommendations over and above those basics include:
- Using a Virtual Private Network (VPN). If employees are accessing your organization's file-sharing network from a public location, such as a coffee shop or library where they are using public internet access, they should use a VPN to disguise their activity against potential threat actors.
- File access should be limited to a group of users. Rather than having the entire file-sharing network accessible to everyone, granular permissions should be created so users only have access to the data they need. In the event of a breach, access permissions limit the data that a hacker can access.
- Regularly auditing access privileges. Just because someone needed access to a folder or a specific file at one time doesn't mean they will always need access. Access permissions should be regularly audited for accuracy.
- Using end-to-end encryption
6. Use Anti-virus and Anti-Malware Programs
Making use of strong anti-virus and anti-malware programs is another essential best practice for effective organizational cyber security. Microsoft Defender for Business is an example of an enterprise-grade security solution that incorporates anti-virus and anti-malware technology to keep organizational data secure.
Need Help with Microsoft Licensing?
Leave your Microsoft licensing, security, and software solutions to us so you can concentrate on moving your business forward.Drop Us a Line
Importance of Cyber Security Training for Employees
All the security technology in the world can't replace good cyber security training programs. When an organization focuses on building a culture that takes cyber security seriously, employees can better detect and avoid situations that can lead to breaches. According to the 2022 Data Breach Investigations Report by Verizon, 82% of all data breaches have a "human element"—meaning that human error was likely the main cause of the data breach.
Part of building a culture surrounding data security is having the right program in place. Amaxra provides several security solutions to keep data safe within your organization. Our Managed Detection and Response provides a holistic approach to cyber security and includes services like augmenting your existing IT team with additional experts, providing a direct line to support when you need it, and helping your organization adopt a Zero Trust Security Approach.
Amaxra's Zero Trust Security marries teaching the right perspectives regarding online security through cyber security training (knowing who is using your systems, just-in-time and just-enough-access principles for users, and overall minimizing the radius of access) with security management (devices, applications, passwords, etc.) to create a complete security approach.
Ensuring that employees have the tools and knowledge they need to help maintain a secure online environment within an organization greatly contributes to an effective cyber security strategy.
Conclusion
Understanding and embracing cyber security basics is essential for IT teams and everyone involved with an organization, including employees and stakeholders. Providing effective cyber security training for employees helps build an organizational culture that takes online security seriously, which is your best defense against potential data breaches.
Another part of basic cyber security is ensuring that your organizational tech stacks are fully optimized. For instance, having unused but active licenses floating around provides an opportunity for unauthorized access if those licenses get into the wrong hands. Amaxra can help you get your organization's cyber security initiatives on track and optimize your Microsoft licenses so that you're only using what you need. Aside from protecting against unauthorized access, optimized licenses will also save your organization money.
Want to learn more about Amaxra's services? Contact us today!
Get Started Today
We'll build a secure and complete Microsoft software solution for your business while you concentrate on what's important.
