CONFERENCE NOW Cybersecurity Planning Crucial to your Business By Lizz McCrindle NSGA Communications & Social Media Manager Businesses large and small are dependent on technology. There
The same thing goes for user
are many advantages and conveniences but there are also a
access controls as they should
lot of vulnerabilities. Owners and leadership teams must be
be determined by role-based
prepared to protect their business and assets by implementing
criteria using the principle of
a strong cybersecurity plan as well as procedures to follow
least privileged. This means
the plan.
the user is given the minimum
Andrew Sekela, who is part of the FBI’s bureau in Tampa, Florida, discussed how important this is during his session, “Organizational Cybersecurity: A Top Priority to Protect Your Business,” at the 2021 NSGA Management Conference & Team Dealer Summit. If your small business is the target of a cyberattack or security breach, report it to the FBI. These types of attacks happen every day and cost billions of dollars a year. To keep yourself and your business safe from cyberattacks, Sekela said it is important to change passwords and passphrases often, update software system, and beware of phising emails. To keep your systems and team safe from attacks, it is important to create a cybersecurity culture. This begins at the top with executives and board management understanding the threats posed by cyberattacks. In doing this, leadership can assign different levels of training depending on the department, including cybersecurity awareness for all necessary team members, as well as offering advanced training for the technical staff members. The leadership team should be able to come up with a cybersecurity policy by remembering that the devil is in the details. Once the policy is complete, it should be shared widely with your team, and followed with training to ensure the policy is being enforced.
levels of access needed to perform their job. With many businesses allowing for employees to work from home, it is essential there are secure remote access features as well as understanding their vulnerabilities.
>> Andrew Sekela
The final element of access control is off-boarding when an employee leaves. Their system access should be completely suspended. Vulnerability Management: Vulnerability makes it easier for hackers to launch a cyberattack. It is important to always stay abreast of the latest vulnerabilities by utilizing all available sources of information. Have the IT department perform regular scans and assessments. If your business does not have an IT department, there are public resources that can also be used to do this type of scanning such as Shodan and Cersys. These sites are designed for organizations to do a scan of their networks and see what devices are connected. Threat Detection and Monitoring: It is important to detect threats before they become problems. There are several detecting tools such as auditing internal systems and cybersecurity monitoring
Policy & Procedure: It is essential to conduct regular policy
systems. Another way to monitor threats is to review reports by
reviews and update the policy frequently as information changes.
the FBI and DHS to maintain awareness of critical infrastructure
Look at other examples and compare them to see if there are
threat trends such as Tactics, Techniques and Procedures (TTPs)
areas missing. There are many free online resources including:
or Indicators of Compromise (IOCs).
SANS Institute templates (www.sans.org) and the Department of Homeland Security publication “State Cybersecurity Governance Case Studies Cross Site Report.” (www.dhs.gov).
Establish a baseline of network activity (internal and external). It is difficult to determine a threat if you do not know the baseline activity level. Logging and auditing activity on the network is an
Accessibility: Do not give someone more access than they need
essential part of threat detection. Monitoring systems include
to do their job. This will help protect against an inside threat. If
passive (eavesdrop on network and look for compromises), active
someone is compromised, only the information they have access
(actively scan network) and a hybrid of both methods.
to can be exploited. 16 | NSGA NOW ®
>> January/February 2022
