network switches and cables

12 Cybersecurity Tips to Secure Your Infrastructure

The threats are real. And they’re not just limited to big companies or organizations either. Very often, attackers are using bots to troll the Internet for vulnerabilities. When the bot finds the vulnerability (or an employee engages with a malicious actor), then the attacker exploits that attack vector. So, how do you protect your organization from being attacked? Here are a few common-sense cybersecurity tips.

 

 

Invest in User Education

Your people represent one of the largest attack vectors – not because they want to bring the organization down, but because they don’t know what they don’t know.

Unlike you, your employees don’t lie awake at night thinking about cybersecurity. Most of them are probably much more interested in Facebook than public key infrastructure. And while they may not fall for the “Nigerian prince” phishing email, they may fall victim to one that looks like a trusted colleague, vendor, or friend.

To mitigate this threat, you want to invest in high-quality cybersecurity education for your team. Make sure the curriculum is concrete, replete with good anecdotes, and be sure to follow up with good testing to make sure the concepts stuck.

Very often, attackers are using bots to troll the Internet for vulnerabilities. When the bot finds the vulnerability (or an employee engages with a malicious actor), then the attacker exploits that attack vector.

Understand the Threats

Many IT professionals started out in the industry doing things like network and system administration. While this provides them a good understanding of how the component parts of their networks fit together, many are less aware of the risks abounding on the Internet. You should know about some of the more common threats, such as phishing, malvertising, and browser injections. You should also follow security experts like us and OWASP in order to stay up-to-date on the threats facing your organization.

Practice Good User Account Management

While forcing users to use two-factor authentication or asking that they create unique passwords frequently can seem ‘annoying’ to users, good cyber hygiene is essential to reducing risk. With practices in place that require users to rotate passwords, VPN from outside the organization, and undergo compliance audits, even account compromises can be contained.

Keep Your Software Updated

Old software is fertile ground for attackers. Many attackers keep databases of software vulnerabilities, which they steer their malicious bots towards. As software companies identify their own vulnerabilities, they release patches to prevent exploitation. You should have a process for routinely updating your software to keep it current.

Keep Backups

While keeping backups can’t prevent attacks, they can help to reduce the impact should one occur. Importantly, you want your backups to keep separate from your primary network so that the backups aren’t compromised if your network is.

Segment Your Network

Not all parts of your network are equally critical. But, an attack in one part of the network could harm another, more critical part of the network. A good practice is to thoughtfully segment your network and prevent interaction where it’s not necessary. A common, obvious example is using a ‘guest’ network for wifi connections for customers or vendors (or anyone who doesn’t “need” to be on your core network). Depending on your IT infrastructure, there may be other areas to segment your network. In this case, you’ll want to make sure you double down on cybersecurity infrastructure for the most critical parts of your business infrastructure.

Establish a BYOD Policy

We live in an age of personal device. Most of us can no longer imagine life without our smartphones or tablets. Yet, when these devices are on your network, a compromise can pose a threat to other devices on the network. If you don’t segment employee devices from your core network, you want to make sure you have policies about how devices should be allowed to interact with your network. In some cases, that may mean limiting access, requiring the use of security certificates, or even disallowing devices altogether.

Retire Old Devices & Services

As your organization grows and your business IT needs a shift, you may find that old device become obsolete or superfluous. When that happens, retire them and remove them from the network. Not only is it less to manage, but it also reduces access points and attacks vectors on the network.

Test Your People & Your Processes

As you become aware of new threats, you want to update your user education plan and roll out the information in a systematic way. In a sense, your user education “plan” is really more of a “process:” it’s never complete. As you roll out your education process, you want to make sure you’re testing its effectiveness consistently. For example, are people following the incident report strategy? Are they being properly encouraged? Is IT getting back to them quickly when a concern is reported? You may want to identify an individual whose job is to become a cyber hygiene trainer and is accountable for this part of your operation as a whole.

Encrypt Critical Information

In the event an attacker gains access to your IT infrastructure, you can reduce the risk of critical data loss by having it be encrypted in the first place. If your information is encrypted, the attackers won’t be able to gain access to the content of the information without the keys. At the very least, your most sensitive, confidential information should be encrypted.

Make Sure Your IT Infrastructure is Cyber-Insured

It’s impossible to mitigate 100% of the risk associated with cybercrime and data loss, even with the best people, processes, and technology. Standard insurance policies don’t cover the loss of data in the event of a breach. If an attack happens, your organization could be held liable to third-parties and lawsuits could be fiscally ruinous. Having cyber-insurance is an essential component of the modern organization.

Monitor Your Network(s)

You should know what devices are on your network at all times. You should also know how they typically interact with the network and be able to identify aberrant behavior. Your SIEM plays a vital role in this function. If unusual behavior is detected, make sure it’s addressed swiftly and decisively.

BitLyft AIR® SIEM Overview

 

The Complete Guide to Cybersecurity Logging and Monitoring

Jason Miller

Jason Miller, Founder and CEO of BitLyft Cybersecurity, has dedicated his 20-year IT career, including co-founding SaaS pioneer Reviora, to removing cybersecurity barriers for mid-sized enterprises. Establishing BitLyft in 2016, Jason set out to unburden security teams with innovative, approachable, and affordable solutions, a vision which has made BitLyft a respected managed detection and response provider. Outside his cybersecurity pursuits, Jason is an avid tree farmer and outdoor enthusiast, planting nearly 300 trees on his ten-acre plot and finding joy in hiking, and hunting. His diverse passions mirror the balanced blend of expertise, dedication, and joy he brings to BitLyft.

More Reading

woman looking at a laptop
Managed Cybersecurity Services
Companies desperately need help with managing their cybersecurity program. Not only are threats continually evolving, but the quantity of resources that firms must throw at the problem is tremendous...
security operations center engineer looking at two screens
SOC for Cybersecurity
SOC
In today’s world, information systems are incredibly interconnected, but this comes with a price. Because most organizations conduct some portion of their business in cyberspace, they open themselves...
compliance padlock with stars circling around it