With a constant flow of Cybersecurity related headlines in the media, in malaysia alone, it is important that businesses are prepared.
So let’s get straight to the cybersecurity tips, then we can go into a little more detail on a couple of areas to help protect your business.
Cybersecurity Tips
- Take regular backups – See our tips here
- Use a ransomware protection solution – See here for advice
- Create an incident response plan
- Beware of phishing attempts
- Never click on malicious links
- Never open unexpected or untrusted attachments
- Keep your software updated
- Verify software legitimacy before downloading it
- Never plug an unknown USB into your computer
- Use a VPN when connecting via untrusted or public Wi-Fi
- Web application security/firewall technology
- Threat intelligence sharing
- Have the right web security/firewall/network segmentation
- Zero-trust implementation
Create an Incident Response Plan
This takes a little brainstorming normally with the key staff in each department.
These staff understand what data they use and create and the value of that data. They are the ones who understand the damage that can be caused if that data is destroyed or leaked.
By understanding the value of the data and how that data is used, you can work out the required effort to protect the data
There is a trade off between the convenience of using the data, the amount of security that data requires and the cost of securing the data,
One key thing to remember is, although it seems like a big task to take on, it doesn’t have to be completed in one go. Starting the task of protecting your data is the most important step, after that you can expand and improve what you have started, if you need help or guidance on starting this progress you can contact us (link below) and we can point you in the right direction.
Once you have identified the data and the value of that data, it’s time to make the incident response plan.
- Provide an overview
- Identify and describe roles and responsibilities if a incident occurs
- Tailor the response to specific business risks and needs based on the data identified previously
- Outline the current state of data/network security, be honest, identify weaknesses so they can improved upon, nothing is perfect
- Have clear detection and identification procedures
- Specify tools, technologies and resources needed for containment and eradication
- Outline recovery and follow-up tasks
- Have a communication plan
- Be well tested
- Have version control or a section to outline when and who made revisions to the plan
Following the above advice will not only reduce the risk of successful cybersecurity attacks, but it will reduce the damage done by any that do succeed.
Beware of Phishing Attempts
This is a broad statement, and to be honest the best approach to this is security training for your staff.
Good training will give an understanding of how the various cyber attacks are performed and how people are social engineered into clicking or giving out information.
This is an excellent example
You can never start protecting your data early enough. every proactive step you take can make all the difference if (or more likely when) you have some cybersecurity incident.
At Access Devices Asia Sdn Bhd, we provide Cybersecurity training for all levels of staff and technical skill, your first line of defence really is your staff, if they can identify threats before they happen your business cannot be any more secure, but nobody and no technology is perfect, so knowing what to do in the event of a cybersecurity attack, no matter how small or large, is vital for a business to maintain its operations. If you would like to dicuss options for your business regardless of size or industry sector then feel free to Contact Us.