Back to basics: Security recommendations for your team
October is Cybersecurity Awareness Month, a time when we focus on ways to enhance security in our daily lives, both personally and, most importantly, as a company. While some measures may seem basic, it’s important to remember that many vulnerabilities stem from unpatched programs, and a large number of attacks originate from an employee clicking the wrong link.
This month is an opportunity to reset and rethink your security practices. Let us provide you with a checklist of simple steps you can implement to strengthen your security and protect your data.
Let’s start!
Regular Patching and Updates: Ensure that all of our devices and, of course, the programs we are using, are always up-to-date and running the latest versions. This helps keep our systems secure against vulnerabilities we may not even be aware of.
Employee Awareness and Training: It’s important to keep our employees trained and prepared for phishing attacks and social engineering campaigns. Nowadays, these are the gateway to our assets, so we need to provide ongoing training.
Multi-Factor Authentication (MFA): The second factor of authentication should be a MUST for all of our critical accounts. This helps prevent unauthorized access to applications by requiring an extra code along with the password, such as one sent by SMS or generated by an app like Authenticator.
Backup Critical Data: With the rapid growth of ransomware campaigns (and the increasing sophistication of this malware), we need to protect and back up our assets daily. A well-known backup technique is 3-2-1: 3 copies of the data, on 2 different media, with 1 offsite copy.
Network Segmentation: Proper network segmentation is essential, ensuring that each area is separated and correctly defined. This action prevents a potential attack from spreading within the internal network and helps contain such threats.
Endpoint Security: EDR (Endpoint Detection and Response) tools provide constant monitoring of network devices and help detect potential attacks early and effectively.
Incident Response Plan: Developing an incident response plan and testing it regularly helps ensure that the company knows how to respond and how to safely resume operations in the event of an attack.
Least Privilege Principle: Enforcing and implementing the least privilege principle ensures that all users within the company have the minimum privileges necessary to perform their tasks, minimizing the risk of lateral and vertical movement during an infection.
Threat Intelligence & Attack Surface Management: It’s essential to actively monitor all of our assets on the internet since they are often the first entry point for an attack. Daily scans of exposed ports and services are recommended, along with passive reconnaissance focused on leaked passwords, public information, and more.
Regular Vulnerability Scanning and Pentesting: The best way to prevent a potential attack is by conducting these tasks regularly and in a controlled manner, such as through pentesting or vulnerability scanning. This helps us understand how an attacker views our implementations from an external perspective and allows us to fix potential vulnerabilities early.
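As an added example for the Backup Critical Data item (not code from the original post), this Python check audits a backup inventory against the 3-2-1 rule and the daily schedule. The inventory layout, dataset names and the choice to ignore copies older than 24 hours are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(hours=24)  # the checklist asks for daily backups

# Constructed sample inventory: one record per copy counted toward the rule.
NOW = datetime(2024, 10, 15, 6, 0, tzinfo=timezone.utc)
INVENTORY = [
    {"dataset": "crm-db", "medium": "disk", "offsite": False, "completed": "2024-10-15T02:00:00+00:00"},
    {"dataset": "crm-db", "medium": "tape", "offsite": False, "completed": "2024-10-15T03:00:00+00:00"},
    {"dataset": "crm-db", "medium": "object-storage", "offsite": True, "completed": "2024-10-15T04:00:00+00:00"},
    {"dataset": "file-share", "medium": "disk", "offsite": False, "completed": "2024-10-15T01:00:00+00:00"},
    {"dataset": "file-share", "medium": "disk", "offsite": False, "completed": "2024-10-15T01:30:00+00:00"},
    {"dataset": "file-share", "medium": "object-storage", "offsite": True, "completed": "2024-10-10T01:00:00+00:00"},
]


def check_321(inventory, now, max_age=MAX_AGE):
    """Return {dataset: [findings]}; an empty list means the dataset passes."""
    fresh, seen = {}, set()
    for rec in inventory:
        seen.add(rec["dataset"])
        age = now - datetime.fromisoformat(rec["completed"])
        # Assumption: a copy older than max_age does not count toward 3-2-1.
        if timedelta(0) <= age <= max_age:
            fresh.setdefault(rec["dataset"], []).append(rec)
    report = {}
    for name in sorted(seen):
        copies = fresh.get(name, [])
        findings = []
        if len(copies) < 3:
            findings.append(f"{len(copies)} fresh copies, need 3")
        media = {c["medium"] for c in copies}
        if len(media) < 2:
            findings.append(f"{len(media)} distinct media, need 2")
        if not any(c["offsite"] for c in copies):
            findings.append("no fresh offsite copy")
        report[name] = findings
    return report


if __name__ == "__main__":
    for dataset, findings in check_321(INVENTORY, NOW).items():
        print(dataset, "OK" if not findings else "FAIL: " + "; ".join(findings))
```

In the sample data, file-share looks compliant on paper but fails all three checks once its five-day-old offsite copy is excluded, which is the gap a ransomware recovery would expose.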
Trainings, red teaming services, or continuous scanning? We’ve got you covered. 🚀⚡