10 essential cybersecurity practices every business should follow

1. Raising employee awareness of cybersecurity risks

Regular awareness-raising and ongoing training are a cybersecurity best practice, and they need to be paired with a system that monitors whether the practices promoted internally are actually followed.

Examples of good awareness-raising practices:

  • Interactive and engaging information security (IS) workshops.
  • Simulated phishing tests to assess employee vigilance.
  • Reward secure behavior to encourage participation by all employees.
  • Provide easily accessible resources for reminders and quick security tips, such as bite-sized tips (“pills”) and newsletters.
  • Invest in certifying staff members so that they are personally invested in best practices.

2. Conduct periodic security risk audits

Periodic security risk audits are a fundamental pillar of any effective cybersecurity strategy. These audits allow you to identify and assess vulnerabilities in your information systems, and they are the way to stay ahead of threat actors: model adversarial thinking and understand the specific kill chain for each vulnerability/threat pair. This supports a comprehensive defense-in-depth approach, the only overall way to counter today’s multi-variable, multi-stage attacks.

The new ISO 27001:2022 proposes integrating an early detection system for external threats: cyber-attacks on other organizations, accidental security breaches that have been exploited, attacker profiling, and so on. This is called Threat Intelligence, and the standard makes it mandatory.


3. Strengthening IT security teams

Strengthening IT security teams is a fundamental aspect of protecting a company. These specialized professionals are essential at every stage: in prevention, in managing the incident while it is happening, and in knowing what to prepare for the post-incident phase in order to mitigate the impact. In this way, companies not only improve their ability to counter current threats, but also proactively prepare for future challenges.

What should these teams consist of?

  • Talents with diverse security skills, such as cyber intelligence analysts, ICT security and forensics analysts, and legal compliance specialists.
  • Ongoing training to keep the team’s skills up to date with the latest threats and technologies.
  • Foster collaboration between security teams and other departments to achieve an integrated approach to security.

4. Keeping abreast of new IT solutions

Acquiring new IT solutions is essential to maintain a solid defense against cyber threats, because those threats keep evolving. Technological advances such as artificial intelligence and machine learning offer better protection against cyber-attacks:

  • They enable faster detection of threat activity and the identification of new attack patterns (indicators of attack, IOA).
  • An AI-augmented cybersecurity approach makes the business more resilient to the rapid changes brought about by adversarial AI.

What should we do to have an evolving cybersecurity technology roadmap?

  • Select solutions based on their compatibility with your existing infrastructure.
  • Each new tool must meet compliance and security standards, at a level equivalent to that of your own company; technology should not be the weak link in your security chain.
  • Check usability against the opinions of your peers, and understand the possible uses of such tools. To do this, have a strong network of contacts from whom you can solicit information “off the record”.

5. Have a tested data backup system adapted to your business.

Regular data backup is part of essential cybersecurity best practices. It is your insurance against data loss in the event of a cyber-attack, and it also ensures a quick and efficient resumption of operations, as set out in the Business Continuity Plan and Crisis Management Plan.

  • Adopt the 3-2-1 rule: 3 copies of your data, on 2 different types of storage, including 1 offsite.
  • Automate backup processes to meet the frequency required by the standards and to reduce human error.
  • Periodically test backups to ensure that they are complete and recoverable.
  • Depending on the Information Security Strategy, encrypt the stored data so that a restore cannot place confidential, need-to-know data back into the production system without its original segmentation.

6. Update devices and software

Updating devices and software as soon as security patches become available, so as to avoid zero-day attacks, is critical to maintaining a strong cybersecurity posture. Updates provide fixes for security vulnerabilities that cybercriminals can exploit as soon as those vulnerabilities are published: threat actors do their own threat intelligence, learn about the exploits, and count on companies delaying patching in order to exploit vulnerabilities the manufacturer itself has pointed out.

Therefore, since an unapplied patch is a known vulnerability, you should:

  • Automate updates whenever possible to ensure diligent implementation.
  • Perform tests to ensure that systems function correctly after an update; if they do not, roll back while keeping track of the vulnerability that remains exposed.

7. Effective firewall and antivirus

Antivirus software scans and protects computers against viruses, malware and other malicious programs. Firewalls, on the other hand, act as barriers that control incoming and outgoing network traffic, providing an additional layer of protection. An integrated system, such as EDR (Endpoint Detection and Response), allows everything to be managed centrally.

To proceed correctly, we must:

  • Choose security solutions tailored to the specific needs of your business, making sure that they really “support the business” without hindering it.
  • Verify that the security standards they meet are adequate (i.e. that their scope is meaningful) and that the SLAs (Service Level Agreements) cover them properly.
  • Configure them correctly to maximize their effectiveness without interfering with business operations.
  • Implement a cybersecurity framework that integrates all tools and avoids security blind spots.

8. Establish a system that enforces access to data with strong passwords.

Strict control of data access is crucial to a company’s security. And that starts with the use of strong passwords. They are the first barrier against unauthorized access and hacking attempts.

The system to implement this first line of defense must enforce:

  • Use long passwords that combine letters, numbers and symbols.
  • Support multi-factor authentication for added security. MFA adds a layer of protection by requiring additional proof of identity. There are second-factor systems that work even without an internet connection or mobile coverage.
  • The system should automate periodic password changes and should not allow the same password, or one with a similar pattern, to be reused across several accounts or services, or again in a later period.
  • Implement the use of password managers to store and generate complex passwords. These tools help to securely manage a multitude of different passwords behind a single master password of maximum complexity (usability matters less here, since you only have to type it once).
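As an added example (not code from the original article), the following password-change check enforces the rules above: length, a mix of letters, numbers and symbols, and a history that rejects not only an identical previous password but also one with the same pattern (the classic “Summer2023!” to “Summer2024!” rotation). The 14-character minimum is an assumed policy value, and the history stores only salted hashes.

```python
import hashlib
import os
import re
import secrets
from typing import List, Tuple

MIN_LENGTH = 14  # assumed policy value; the article gives no number


def pattern_of(pw: str) -> str:
    """Reduce a password to the letter skeleton users tend to recycle.

    'Summer2023!' and 'Summer2024!' both become 'summer', so bumping a year or
    counter on the old password is caught. Leet-style substitutions (P@ssw0rd)
    are deliberately out of scope here.
    """
    return re.sub(r"[^a-z]", "", pw.lower())


def hash_secret(value: str, salt: bytes) -> bytes:
    """Salted PBKDF2 so the history never stores passwords or patterns in clear."""
    return hashlib.pbkdf2_hmac("sha256", value.encode(), salt, 100_000)


class PasswordHistory:
    """Per-account history: (password hash, pattern hash) pairs under one salt."""

    def __init__(self) -> None:
        self.salt = os.urandom(16)
        self.entries: List[Tuple[bytes, bytes]] = []

    def record(self, pw: str) -> None:
        self.entries.append(
            (hash_secret(pw, self.salt), hash_secret(pattern_of(pw), self.salt))
        )

    def violations(self, pw: str) -> List[str]:
        """Return every policy rule the candidate password breaks (empty = accepted)."""
        problems = []
        if len(pw) < MIN_LENGTH:
            problems.append(f"shorter than {MIN_LENGTH} characters")
        has_letter = re.search(r"[A-Za-z]", pw)
        has_digit = re.search(r"\d", pw)
        has_symbol = re.search(r"[^A-Za-z0-9]", pw)
        if not (has_letter and has_digit and has_symbol):
            problems.append("must combine letters, numbers and symbols")
        pw_hash = hash_secret(pw, self.salt)
        pat_hash = hash_secret(pattern_of(pw), self.salt)
        if any(secrets.compare_digest(pw_hash, h) for h, _ in self.entries):
            problems.append("identical to a previous password")
        elif any(secrets.compare_digest(pat_hash, p) for _, p in self.entries):
            problems.append("same pattern as a previous password")
        return problems
```

Call `record()` after every accepted change so the history grows with the account.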

9. Establish a robust Information Security Policy

Document your cybersecurity policies, both to communicate them to your employees and to your customers: each type of stakeholder (third party) must know what security system applies to them and what they must commit to. Increasingly, customers are likely to want to know how you manage sensitive information, who has access to it, where the data is stored and what would happen in the event of a data breach. Provide this information to your customers as proof of good governance and strong compliance.

State your security levels and make them part of a consistent system of work:

  • Not everyone on your team needs to have access to your company’s data; this is called information classification and a “need to know” strategy.
  • Adopting a policy to determine who can access what information, such as financial information, customer lists and intellectual property, and under what circumstances is a minimum level of protection for a company’s most important asset: its information.
  • Define procedures for the use, segmentation and protection of information according to its criticality.
  • Name a person responsible for the Information Security Strategy: without designation there is no involvement, and without involvement there are no results.

10. Secure the transit of information and online transactions.

Use a DLP (Data Loss Prevention, also called Data Leak Prevention) system. On average, it takes companies 277 days to become aware of a data breach, according to the latest IBM report. If an organization has no systems, policies or awareness in place to protect the sensitive data it holds or is entrusted with, it runs the risk of exposing it to people who are not authorized to see or possess it. Data breaches can have devastating consequences for the company and its reputation, from loss of customer confidence to legal action.

What to consider for this measure?

  • Prioritize data: The first step is to decide which data would pose the greatest problem in the event of theft. The DLP should start with the most valuable or sensitive data that is likely to be targeted by attackers.

This is where the direct application of what was seen in point 9 comes in.

  • Classify data: Applying persistent classification tags to data allows organizations to track its us

This is a direct application of what was seen in point 9 above.

  • Monitor data in motion: It is important to understand how data is being used and to identify behaviors that put it at risk. Organizations need to monitor data in motion to gain better visibility into what is happening with their sensitive data and determine the scope of issues that their DLP strategy needs to address.
  • Communicate and develop controls: The next step is to work with line-of-business leaders to understand who can send what, to whom and how. This is a needs audit that leads to a Gap Analysis.
  • Train employees and provide ongoing guidance on “infoleak” risks.

By implementing these practices, your business will be better prepared to deal with current and future cyber threats.

For more details, you can contact us at Info@bravent.net