Left Menu
Development News Edition

Best cybersecurity practices to make your business cyber resilient

Considering the fact that cybersecurity threats are real and inevitable in today's hyper-connected world, businesses, regardless of their size, must consider cybersecurity as a critical part of their investment planning.

Renu MehtaRenu Mehta | Devdiscourse | Updated: 06-02-2020 22:08 IST | Created: 05-02-2020 21:07 IST
Best cybersecurity practices to make your business cyber resilient
Image Credit:

Cybersecurity is no longer a buzzword but a prominent concern in the hyper-connected world. The digitalization drive and increasing use of new technologies such as big data, Internet of Things, cloud, blockchain, and artificial intelligence, has significantly raised cyber risks, as never before.

And when it comes to businesses, regardless of their size, they continue to experience a greater number of destructive cyber attacks, compromising sensitive data and valuable assets. Cyber risk has also been identified as the top-most corporate perils for 2020 and beyond, according to a report based on the insight of more than 2,700 risk management experts from 102 countries and territories.

Here are some of the best cybersecurity practices that businesses must follow to address cyber risks and achieve resilience.

  • Firewall

A firewall is a network security system that monitors incoming and outgoing network traffic and decides whether to accept, reject or drop specific traffic based on a pre-defined set of security rules. It establishes an obstacle between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.

They may be able to prevent some attacks by blocking malicious traffic and restricting unnecessary communications. Though it doesn't guarantee that your system won't be hacked, it definitely serves as the first line of defense in network security.

  • Regular data backups

While cyber-attacks are inevitable, regular data back-up and updates to other off-site devices help ensure additional protection and quick recovery, in case data is compromised. It is essential to deploy an automatic backup solution to limit damage and restore normal operations quickly.

  • Strong passwords and multi-factor authentication

Commonly used passwords such as '123456' or 'password' or 'abc123' which are also listed among the worst passwords of 2019 can simply give further advantage to attackers. Using strong and unique passwords may help prevent "brute force attack" where the cybercriminals use software tools to try millions of character combinations to attempt an unauthorized login. Security experts recommend to use password managers that store and protect all passwords in one place.

Multi-factor authentication (MFA) is a must-have tool for businesses. It adds an extra layer of security on top of passwords to protect the most sensitive data against cybercriminals. For example, if an attacker learns the username and password, it's impossible for him/her to pose as an authorized user without providing multiple authentication factors. These factors can include - passcodes, a physical device like a phone or biometric identity.

  • Virtual Private Network

A Virtual Private Network or VPN creates a safe and encrypted connection that ensures secure transmission of sensitive data over a public network such as the internet or WiFi Hotspots. In the simplest terms, a VPN technology prevents bad actors from eavesdropping on your online activities by creating an encrypted connection or data tunnel between your local network and a VPN server in another location.

VPNs can hide confidential information such as online banking credentials or social media passwords over a public network that would otherwise be used by government agencies, marketers, cybercriminals or cyber thieves for surveillance, identity theft, financial fraud or other illegal activities.

In addition to hiding sensitive information, Virtual Private Network helps you escape spying, data and bandwidth throttling, anonymously access any content on the web, even the geo-restricted websites, from anywhere in the world.

  • Keep security softwares up-to-date

It is essential for any employee or organization to keep its security softwares, web browsers, and operating systems up-to-date to defend against new cyber threats. Software updates not only patch software vulnerabilities but also add new security features to deal with potential vulnerabilities and stand vigilant against future attacks.

  • Cyber Security Incident Response plan

To identify compromises at the earliest stage, to minimize damage in the event of a security breach and continue operation under attack, a well-defined incident response (IR) plan is needed.

  • Employee awareness and training

Organizations should implement initial and periodic cybersecurity training on information security concepts for their employees. This will help them identify potential threats and vulnerabilities in the future. The speed with which organizations detect security breaches is faster for those who provide higher levels of training, says an Accenture report on cyber resilience.

Cybersecurity training will not only help the employees make good choices online but also deal with future social engineering attacks such as Phishing, Vishing or Smishing where the attacker uses social skills to compromise critical information about an organization or its digital resources.

The Cybersecurity and Infrastructure Security Agency (CISA), a division of the United States Department of Homeland Security (DHS) that defends critical infrastructure against threats recommends the following security practices to avoid being a victim of social engineering attacks:

  • Be suspicious of unsolicited phone calls, visits, or emails from unknown individuals asking about employees or other internal information. Verify an unknown individual's identity directly with the company, if he/she claims to be from a legitimate organization.
  • Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information.
  • Do not reveal personal or financial information in an email, and do not respond to email solicitations for this information.
  • Don't send sensitive information over the Internet before checking a website's security.
  • Pay attention to the Uniform Resource Locator (URL) of a website.
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use the contact information provided on a website connected to the request; instead, check previous statements for contact information.
  • Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.
  • Take advantage of any anti-phishing features offered by your email client and web browser.
  • Investing more in cybersecurity

Considering the fact that cybersecurity threats are real and inevitable in today's hyper-connected world, businesses, regardless of their size, must consider cybersecurity as a critical part of their investment planning.

According to Accenture's 2019 State of Cyber Resilience report, the rate at which organizations scale investments across their business has a significant impact on their ability to defend against attacks. Those best at scaling technologies perform four times better than their counterparts. Also, for those best at scaling technology investments, security teams discovered almost three-quarters of cybersecurity attacks againsttheir organizations compared with only half of all cyberattacks for their counterparts.

(Disclaimer: The opinions expressed are the personal views of the author. The facts and opinions appearing in the article do not reflect the views of Devdiscourse and Devdiscourse does not claim any responsibility for the same.)

Download The Devdiscourse News App for Latest News.


  • FIRST PUBLISHED IN:
  • Devdiscourse

TRENDING

OPINION / BLOG / INTERVIEW

Maritime transport post-COVID 19: Disruptions ahead in business models, techno-investments, regulations

Cargo shipping is a crucial part of the global supply chains and is likely to become more resilient along with efforts to make supply chains resilient but cruise liners could face much more disruptive changes....

Asia-Pacific response to COVID-19 and climate emergency must build a resilient and sustainable future

... ...

Videos

Latest News

WHO head defends handling of coronavirus pandemic against Trump criticism

The head of the World Health Organization gave a strident defence of his agencys handling of the coronavirus pandemic on Wednesday, in response to U.S. President Donald Trumps criticism and suggestions that Washington could review its fundi...

Saudi-led coalition puts military operations in Yemen on hold for 2 Weeks

Riyadh Saudi Arabia, April 9 SputnikANI The Saudi-led coalition fighting Houthi rebels in Yemen has put military operations on hold for two weeks, the state Saudi media reported Wednesday. Coalition spokesperson Col. Turki al-Maliki has be...

FOREX-Risk currencies buoyed by cautious hopes pandemic is peaking

Risk-sensitive currencies climbed on Thursday on budding optimism the coronavirus pandemic may be peaking although the euro was dented by the European Unions failure to agree on more support for their weakened economies.The Australian dolla...

Cats can catch coronavirus, study finds, prompting WHO investigation

Cats can become infected with the new coronavirus but dogs appear not to be vulnerable, according to a study published on Wednesday, prompting the WHO to say it will take a closer look at transmission of the virus between humans and pets. T...

Give Feedback