These days, everything and everyone is connected, which means that security has become a real headache for most companies. And more so since last Friday, when it became mandatory to comply with the new General Data Protection Regulation (GDPR) – especially since infringing it can spell real trouble for companies that haven’t taken it into account.
There’s no doubt that the proliferation of new threats, together with the complexity of the latest attacks, is driving companies to push security towards the top of their list of priorities. This in turn leads to greater investment in cybersecurity by companies. According to data supplied by Gartner, we’re talking about an 8% increase in cybersecurity spending for this year, or to put it another way, a total of $96.3 billion.
Even though companies are strengthening the implementation of protection strategies for their systems, cybercriminals are also stepping up their efforts to exploit new weaknesses. All of this means that maximizing company security is now more than ever an absolute must for any organization.
Evaluate your company’s security
Given this current context, it becomes abundantly clear that companies must make sure the defense strategies they have in place for threats are performing to their full potential. To this end, carrying out a security audit can be a good way to find out the state of your company’s protection systems. This way, the analysis you carry out will provide an insight into the main risks your company is exposed to, its strengths, as well as where it can improve. Then, from here, the security teams can use the results as a starting point to design and implement a cybersecurity strategy which suits your company’s needs. But how can we get ready for this security audit?
Guidelines for drawing up a security plan
One of the very first steps in any security audit is to create an inventory of all devices. It’s absolutely essential to classify each and every device that is connected to the network (desktop computers, laptops, smartphones, multipurpose devices, and security systems integrated into the network) to have an accurate idea of what it is that needs protecting. It’s also important to keep this inventory up to date so that, when devices are added or removed, there are no surprises in the activity log.
As well as classifying every kind of device that needs to be protected, it’s also vital to carry out a periodic evaluation of the software used by the company. This means that companies must classify the software and firmware applications that are being run on each device on their network, and determine what software they need to run so that they can perform their tasks within the company.
Apart from this, it’s crucial to implement secure settings. That means any operating system, browser, and even printer, must be configured with security in mind. At the same time, in order to stop security breaches and make applications more secure, it is of utmost importance to apply patches or updates that will keep the system secure.
Finally, controlling shadow IT (IT systems and solutions built and used inside companies that have never been explicitly approved by the organization) is of vital importance to ensure an environment which is 100% secure.
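The inventory, software and shadow IT checks described above can be run as a reconciliation between the approved inventory and what is actually observed on the network. The following is an added example, not part of the original article; the CSV columns, the sample rows and the function names are hypothetical, and the observed list is assumed to come from an export such as DHCP leases or an endpoint agent.

```python
import csv
import io

# Constructed sample data: the approved inventory kept by the audit team.
INVENTORY_CSV = """mac,hostname,owner,approved_software
aa:bb:cc:00:00:01,ws-finance-01,finance,office;browser;edr-agent
aa:bb:cc:00:00:02,lt-sales-07,sales,office;browser;edr-agent
"""

# Constructed sample data: devices and software actually seen on the network.
OBSERVED_CSV = """mac,hostname,software
AA-BB-CC-00-00-01,ws-finance-01,office;browser;edr-agent;file-sync-tool
aa:bb:cc:00:00:99,unknown-ap,router-firmware
"""

def normalize_mac(mac):
    """Lower-case and use ':' so the same device always compares equal."""
    digits = mac.strip().lower().replace("-", "").replace(":", "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def load(text, software_column):
    """Parse a CSV export into {mac: set_of_software_names}."""
    devices = {}
    for row in csv.DictReader(io.StringIO(text)):
        software = {s.strip() for s in row[software_column].split(";") if s.strip()}
        devices[normalize_mac(row["mac"])] = software
    return devices

def audit(inventory_text, observed_text):
    """Compare the inventory with observations and return the findings."""
    inventory = load(inventory_text, "approved_software")
    observed = load(observed_text, "software")
    return {
        # On the network but never recorded: candidate shadow IT.
        "unknown_devices": sorted(set(observed) - set(inventory)),
        # Recorded but not seen: the inventory may be out of date.
        "not_seen": sorted(set(inventory) - set(observed)),
        # Known device running software outside its approved list.
        "unapproved_software": {
            mac: sorted(observed[mac] - inventory[mac])
            for mac in sorted(set(observed) & set(inventory))
            if observed[mac] - inventory[mac]
        },
    }

if __name__ == "__main__":
    print(audit(INVENTORY_CSV, OBSERVED_CSV))
```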
What happens if there is a security breach in a company?
The effects of a cyberattack on an organization can be devastating, and even if we have a prevention protocol in place alongside a great security team, breaches happen. Therefore, it’s crucial to have a Security Incident Response Plan (SIRP) to face up to these threats. Planning an incident response strategy includes setting up a way to evaluate the situation, identify the kind and severity of the attack (the nature of the attack, where it came from, the possible intent, and the systems and files at risk) and a way to notify, document, and review these incidents and the possible damages suffered by the company.
Although carrying out a security audit is a task that requires a great deal of time and commitment, it is something that is simply unavoidable. It is the only way we can effectively draw up a plan to strengthen the company’s protection against cyberattacks and security breaches. The key is to have a detailed insight into everything that is happening on the company’s devices and networks in order to drastically reduce the attack surface.
Step 1: Frantically apply those 7 years of back service packs and hot fixes, while fervently hoping that they don’t break anything too important.
Step 2: Work up a sweat running around looking for random unsecured hotspots, Belkin hubs and other unauthorized network devices that someone plugged in so that the critical production server under their desk could have comms.
Step 3: Turn off all machines and devices you know are going to fail.
Step 4: Browse Dice, Monster, etc…