Are you sure it’s adequately protected?

In today’s era of global uncertainty and heightened geopolitical tensions, cybersecurity is becoming more important than ever. In the wake of the war in Ukraine, cyberattacks are on the rise again – not to mention the activities of Lapsus$, a hacking group, which affect companies and government agencies around the world, says Energy expert Eaton.

These incidents emphasize the need to be vigilant and take appropriate preventive and protective measures to ensure business continuity – while cyberattacks cannot be predicted, they also do not come out of nowhere. In many cases, their success is due to vulnerabilities that can be identified and prevented. Therefore, companies and other organizations must continually review their defenses and integrate best practices in cybersecurity in all aspects of its operations.

Eaton has prepared the list of seven questions any company should ask to ensure it is correctly applying and executing the best practices:

1. Do you back up all critical information? Ideally, a full backup should be performed weekly, and stored offline – and don’t forget to test your ability to implement backups in the event of an incident.
2. Has your organization performed a cybersecurity risk analysis? If you don’t know what risks you may be susceptible to, it’s difficult to plan for all eventualities. Therefore, it makes sense to carry out periodic system audits in accordance with established international and local standards and regulations. Whenever a change is made to your infrastructure or configuration, a potential vulnerability is created. That’s why it’s important to monitor all changes and perform an extensive risk analysis that takes them into account – annually if possible.
3. Are you training your team in cybersecurity best practices? Given that the most successful attacks are not based on sophisticated technical methods, but on social engineering, phishing or other ways of exploiting human weakness, security training is absolutely crucial. At the same time, system users should only be given the access they need to perform their functions, as this limits the actions that hackers can take if a certain set of credentials is compromised.
4. Do you regularly scan your systems and networks for vulnerabilities? One of the simplest ways to prevent an attack is to implement timely and regular fixes to apps and systems – and perform updates as soon as they become available.
5. Implemented the app whitelist? Reducing the number of programs and software running on your networks is a straightforward way to limit vulnerabilities. A white list stipulates which apps and app components (such as libraries, cookies or configuration files) are allowed, including rules for their use.
6. Would your organization be able to sustain operations in the event of an attack, and if so, for how long? attacks from ransomware such as those carried out by the Conti Group provide a good opportunity to review and put your business continuity plans into action – and not just on paper. It’s best to test them thoroughly to ensure they work as intended when attackers do attack.
7. Have you tested the performance of your security measures in the event of an actual attack? This penetration test is essential to determine the strength of your defenses. To reduce the impact of a breach, critical information systems must be segmented into different security zones; at a minimum a three-tiered architecture is recommended – much like a medieval castle with multiple moats and walls rather than a single line of defence.

Says the expert that you must also follow other steps that include ensuring that your settings are safethat the network sensors have been installed and that your architecture and security systems support detection and isolation of incidents.

These practices have been shown to be effective in combating a wide range of cybersecurity threats – according to the US Department of Homeland Security, for example, they can prevent up to 85% of targeted attacks. And while some of them may seem obvious, they are not being fully implemented in all organizations, which is why it is always helpful to reiterate them.

Cybersecurity is always evolving, requiring constant attention, periodic reviews of the effectiveness of existing measures and policies, and updates and patches system regularities – after all, hackers don’t get tired of finding vulnerabilities to develop “exploits” that will allow them to wreak havoc on your systems, so don’t help by being negligent.

Other interesting articles: