In today's era of global uncertainty and heightened geopolitical tensions, cybersecurity is becoming more important than ever. In the wake of the war in Ukraine, cyberattacks are again on the rise – not to mention the activities of Lapsus$, the hacking group, which affects businesses and government agencies around the world, says energy expert Eaton.
These incidents underscore the need to be vigilant and take adequate preventive and protective measures to ensure business continuity – while cyberattacks cannot be predicted, neither do they come out of the blue. In many cases, their success is due to vulnerabilities that can be identified and prevented. Therefore, companies and other organizations must continually review their defenses and integrate cybersecurity best practices into all aspects of their operations.
Eaton has compiled a list of seven questions any business should ask to ensure it is correctly applying and executing best practices:
- Do you back up all critical information? Ideally, a full backup should be performed weekly, and stored offline – and don't forget to test your ability to implement backups in the event of an incident.
- Has your organization conducted a cybersecurity risk analysis? If you don't know what risks you might be susceptible to, it's difficult to plan for every eventuality. Therefore, it makes sense to carry out periodic system audits in accordance with established international and local standards and regulations. Whenever a change is made to your infrastructure or configuration, a potential vulnerability is created. That's why it's important to monitor all changes and run an extensive risk analysis that takes them into account – annually if possible.
- Are you training your team in cybersecurity best practices? Given that the most successful attacks are not based on sophisticated technical methods, but on social engineering, Phishing or other forms of exploitation of human weakness, security training is absolutely crucial. At the same time, system users should only be given the access they need to perform their functions, as this limits the actions hackers can take if a given set of credentials is compromised.
- Do you regularly scan your systems and networks for vulnerabilities? One of the simplest ways to prevent an attack is to implement timely and regular patches to apps and systems – and roll out updates as soon as they are available.
- Have you implemented app whitelisting? Reducing the number of programs and software running on your networks is a straightforward way to limit vulnerabilities. A whitelist stipulates which apps and app components (such as libraries, cookies or configuration files) are allowed, including the rules for their use.
- Would your organization be able to sustain operations in the event of an attack, and if so, for how long? Attacks from ransomware such as those perpetrated by the Conti Group offer a good opportunity to review and put your business continuity plans into action – and not just on paper. It's best to test them thoroughly to ensure they work as intended when attackers actually strike.
- Have you tested the performance of your security measures in the event of a real attack? This penetration test is essential to determine the robustness of your defenses. To reduce the impact of a breach, critical information systems must be segmented into different security zones; At a minimum, a three-tiered architecture is recommended – much like a medieval castle with multiple moats and walls, rather than a single line of defence.
The expert says that you should also follow other steps that include ensuring that your settings are safe, what do you network sensors have been installed and that your architecture and security systems support detection and isolation of incidents.
These practices have been shown to be effective in combating a wide range of cybersecurity threats – according to the US Department of Homeland Security, for example, they can prevent up to 85% of targeted attacks🇧🇷 And although some of them may seem obvious, they are not being fully implemented in all organizations, which is why it is always useful to reiterate them.
Cybersecurity is always evolving, requiring constant attention, periodic reviews of the effectiveness of existing measures and policies, and updates and patches system regulars – after all, hackers never get tired of finding vulnerabilities to develop “exploits” that will allow them to wreak havoc on your systems, so don't help by being negligent.
