Don’t have a New Year’s Resolution? Invest in cyber security
Credit to Author: Trend Micro| Date: Wed, 01 Mar 2017 23:03:02 +0000
Companies typically set weekly, monthly and yearly goals so they can exceed different types of expectations. If you have yet to set New Year's resolutions for your business, there's still plenty of time to do so.
We suggest coming up with resolutions that focus on protecting your company from IT criminals – ones who can do irreversible harm to your business by stealing or damaging data.
You and your employees don't work hard for nothing, so here are nine New Year's cyber security resolutions we believe you can incorporate into your company's plans with ease.
1. Form a strategy
No matter your business' size, you need to develop a comprehensive cyber security strategy that answers the following:
- Who will compose your IT security team? We discuss this more in the next segment.
- What will happen if your company is hacked, and how will it respond?
- What is your company's response if data is compromised? How will you reach out to and explain the situation to stakeholders?
- How do you plan to educate your team? We talk more about this in segment four.
- What's your strategy to continue to fund your cyber security operations? Remember, just because you run short on funds, that doesn't mean hackers will take a day off.
- How will you and your team adjust to new cyber security trends, and how will you convince your company to support your decision?
Forming a strategy is a key component of building a strong wall against IT criminals. If you don't have a plan, trust us when we say they will.
2. Develop a cyber security team
Every business must have some kind of cyber security protection. If you're a small-business owner, you are your IT security team. As your company grows, however, we hope your team expands with it because it needs to. Handling cyber threats can be time-consuming and stressful, and the right IT professionals need to be in charge to handle attacks.
When building your cyber security team, start by hiring experts – professionals who stay on top of industry trends. However, you should also bring employees on board who are also willing to grow and learn about cyber security best practices and new cyber threats. The cyber security industry is always changing, and therefore employees must change with it.
3. Be proactive
Waiting to be attacked will only make your company's systems more vulnerable to being hacked. Ed Cabrera, chief cyber security officer at Trend Micro, suggested that companies form "hunter-team programs." As you might imagine, the team's name describes what they do: They're responsible for proactively identifying new cyber threats that could harm IT networks, and they figure out new ways to combat them.
If you'd like to form this type of team, don't do so without Trend Micro's Smart Protection Network. This system is a strong sidekick that continuously mines data 24/7 looking for potential cyber threats, while also updating web, email and file reputation databases in the cloud. What makes this system great is how flexible it is: It will protect your devices no matter where you are in the world, and it'll do so by using a limited amount of company resources. This is possible because of its cloud capability.
4. Educate and prepare your staff
What kind of cyber threats are on the rise? (Trend Micro predicts more ransomware in 2017.) How can these cyber attacks affect your IT systems? What kind of resources do you have in place to upgrade your systems immediately if needed? These are questions you should ask yourself and educate your employees about.
While you and your staff likely keep in touch daily by at least chatting online, think about scheduling monthly meetings that solely focus on informing them about the latest in IT security happenings and how they could affect your company. Staff members who are in the know are better equipped to handle difficult situations.
5. Upgrade your facilities
The best kind of defense is one that can not only hold off cyber attacks, but patch vulnerabilities within your organization's IT environment. Cybercriminals today often use what are called exploit kits to attack and penetrate holes in your company's IT infrastructure.
Exploit kits aren't new weapons, but today's cybercriminals are also attaching ransomware to their exploit kits, reported Trend Micro. While kits come and go, the best ones are able to adapt quickly to changing environments. To defend against an always altering cybercriminal world, IT managers and their teams must constantly update their devices to the latest IT security software.
6. Educate your employees
Your IT security team can only do so much. These employees need support, and that assistance should come from colleagues in other departments across the company. Yes, that means people in marketing, sales, production and finance all need to play a part in keeping your business protected from hackers.
How do they do this? Simple.
Instruct employees to password protect all of their work devices. This includes personal items they may use in the office to conduct business. Inform them how to protect their personal data and company information by using IT security locks. And tell them who to contact if a breach occurs.
7. Invest in your IT security goals
Think about this concept: You can't get fit if you don't eat healthy and regularly workout at the gym. You can't become a great dancer if you don't know how to move your feet to the beat of the music. And you can't become a great photographer if you don't know the intricacies of a camera. What do all these people have in common? These enthusiasts invest in their craft, and therefore improve as professionals.
You must also invest in your company's IT security structure if you want your systems to keep up with the evolving cyber security landscape. The more resources you put toward upgrading your network systems and training your staff, the safer your business will be.
8. Don't get lazy
Trend Micro's Ed Cabrera believes it's critical that companies realize cyber crime is now a way of life. Just because IT security departments halt one cyber attack – no matter how big or small – they're still just as vulnerable to future ones. IT teams must ensure systems are updated and patched regularly.
Furthermore, they should take the extra step and set systems to update or patch themselves automatically at least once a week. This will prevent the occasional slip up from staff members who may forget to do so.
9. Back up data
Sometimes cybercriminals are able to get through even the most advanced IT security systems. They're able to breach a network and infiltrate the company. If they steal data, there may be little you can do to get it back unscathed or at all. That's why it's essential you find ways to back up all of your company's most critical data either on or off site. Employees should save their work on hard drives or, if your company is comfortable, in the cloud.
If you're using third-party vendors to back up your data, ensure they meet your IT security expectations. A couple of things to look for when trying to decide which third party to work with include:
- location: Try to avoid a company that it's in a location prone to earthquakes or major natural disasters.
- IT security protocols: Discuss at length how they protect their networks. Based on your expertise alone, you'll be able to tell whether they have the right security solutions in place.
- Contingency plans: Ask the vendor what its plan is if a cyber criminal breaches its network.
If you haven't set a New Year's resolution, it's not too late! The best type of resolution, whether personal or business, is one that improves your self or your company. We believe that investing in your IT security protocols and procedures is a great way to upgrade your company this year.