Implementing cybersecurity best practices can significantly reduce critical risks, such as disruption of business operations, exfiltration of sensitive data and reputational damage. Successful implementation involves addressing people, process, and technology as part of a single strategy.
The practices most commonly used by security practitioners and tools focus on protections for endpoints, networks, and the cloud systems used to collaborate and develop software. That is, they look at securing how these are used, who uses them, and what type of data is on them. To begin, we must identify the target. If you are shipping software to customers, you are shipping targets. If you are hosting software or data, you are the target.
As a guide to cybersecurity, consider the following best practices when developing your strategy and implementation plan:
- Strategize with a Chief Security Officer (CSO): Hire an experienced information security professional to help you, either part-time or as a shared function in IT. This individual will establish the required roles and responsibilities that will govern your cybersecurity program. A senior person with experience in your industry can help identify things like privacy regulations, compliance standards, or frameworks such as CIS, CMMC, CCPA, PCI, or NIST standards.
- Dedicate a full-time employee for IT security: Regularly patching software and applying configuration changes is the foundation of any good security posture. Often, internal development and IT staff own this responsibility. It takes considerable effort and focus. The more efficient route is to hire a dedicated, experienced IT security person or look for outsourced help to streamline these operations. Ensure that the staff is given these tasks as part of job descriptions connected to quality assurance (QA) in software development or systems administration of endpoints, networks, and cloud systems. Setting KPIs (Tips for Creating a Cybersecurity KPI Program) for addressing known vulnerabilities or controls and regularly testing against them can make a big difference in lowering your cybersecurity risks.
- Implement recommended Frameworks and Benchmarks:
- We highly recommend following the Ransomware Task Force’s “Blueprint for Ransomware Defense” toolkit for new start-ups. Built by industry experts, including ActZero - a Point72 company - the blueprint contains 40 safeguards that can easily be implemented by small companies (that includes start-ups!) or those looking to get a quick start on their ransomware defense.
- If you’re already familiar with the practices for your industry and are preparing to use a framework such as the CIS Top 18, consider using hardening standards (called benchmarks) for your operating systems (Windows, Macintosh, Linux) or security tools like Firewalls. Great benchmarks from CIS can be found for free on the CIS website.
- Invest in Threat Monitoring, Detection, and Response: Ensuring an attack is dealt with quickly at any time of day can be challenging. Monitoring and detection tools, such as log monitoring or EDRs, work well but will require constant vigilance from your team. Every IT and IT Security person we’ve ever seen tends to sleep! Without the resources assigned to manage and respond to any alerts, or the expertise to complete the necessary investigations, we strongly recommend outsourcing 24/7 cyber defense to a Managed Detection and Response provider who can provide the tools, processes, and personnel to detect threats rapidly, block attackers, and alert you only when necessary, all while continuously monitoring for vulnerabilities in your environment..
- Invest in Resilience: Planning for success is great, but given the pace at which adversaries are finding new and unique ways to breach businesses, testing for failure is also necessary. Ensure that key systems and data repositories have an offline back-up and that you have an incident response plan in place. Here’s a free template to help you build your IR plan. Once in place, test these systems and processes regularly - just like a fire drill. Consider cybersecurity insurance and other risk transfer methods to help overcome any costs related to re-establishing normal business operations and recovery.
In addition, to further examine your organization's cybersecurity defenses against the most recent ransomware campaigns, zero-day attacks, or other exploits, we are offering* a complimentary ransomware readiness assessment to organizations uncertain about their cybersecurity risks. Within two hours, we'll review our findings with you and provide recommendations to remediate any risks quickly. Schedule your evaluation here.