Cybersecurity: Organizations Must Remain Vigilant

Businesses should not let down their guard when it comes to cybersecurity. Cybercriminals persist in sending malicious attachments, links to fraudulent websites, and COVID-19 scams, with the intent of deceiving people into handing over confidential information or donating money to supposedly charitable causes.

Recently observed cyber attacks include phishing, in which an email appears to come from a reputable source but actually leads to a bogus site; the goal is to obtain valuable information, such as user credentials, and profit from it.

Fortunately, businesses can mitigate cybersecurity risks by implementing the following steps.

Create a cybersecurity resilience plan

Organizations need a cybersecurity plan that allows them to:

  • Disconnect from the internet any systems that do not need internet connectivity for secure operation. Where connectivity cannot be removed, compensating controls must be in place.
  • Plan for manual process operations should systems become unavailable.
  • Identify system and operational dependencies.
  • Immediately restore devices and services.
  • Back up critical resources, such as firmware, software, ladder logic, service contracts, product licenses, product keys, and configuration information. These resources must be stored off-network, with a duplicate copy secured in a safe location.
  • Test and validate data backups and restoration processes so that data can be recovered if it is lost to a cybersecurity attack.

Simulate your plan

Businesses should have an incident response plan in place to mitigate security risks.

  • All personnel, including the management team, must have a walkthrough of this incident response plan.
  • Key decision points must be discussed. The team has to identify who has the authority to make important decisions and under what circumstances.
  • Partner with a reliable Managed IT Services provider for support. Review service contracts for emergency incident response and recovery support.

Strengthen network security

  • Remove access from networks (for example, overseas IP address ranges, where applicable) that have no legitimate business reason to communicate with the system.
  • Reduce the exposure of internet-accessible connections immediately. Best practices include:
    • Patching all internet-accessible systems.
    • Deploying modular networks to protect workstations from direct internet exposure.
    • Ensuring all communications to remote devices use a strongly encrypted VPN, which is protected by multifactor authentication.
    • Filtering network traffic to only allow known IP addresses. Consider geo-blocking where appropriate.
    • Connecting remote workstations to network intrusion detection systems where feasible.
    • Capturing and reviewing access logs from these systems.
  • Investigate which devices are internet-accessible and connect to business, telecommunications, or wireless networks.
  • Secure all required and approved remote access points and user accounts.
    • Discourage the use of default passwords on all devices.
    • Remove, disable, or rename any default system accounts wherever possible.
    • Implement a stringent password security policy (e.g., length, complexity).
    • Require users to change passwords periodically.
    • Plan to implement two-factor authentication for all remote connections wherever possible.
  • Disable unnecessary features and services (e.g., discovery services, remote management services, remote desktop services).

Advocate for consistent systems monitoring

A vigilant monitoring program detects anomalies in the system, including many malicious cyber tactics.

  • Log and review all authorized external access connections for misuse or unusual activity.
  • Monitor for unauthorized controller change attempts.
    • Implement integrity checks of controller process logic against a known good baseline.
    • Where possible, ensure process controllers are prevented from remaining in remote program mode while in operation.
    • Lock or limit set points in control processes to reduce the consequences of unauthorized controller access.
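The two lists above ask for two things that fit naturally into one review script: allowing only known source addresses to reach remote-access points, and logging and reviewing every authorized external connection for misuse. The following is an added example, not code from ImageQuest or from this article. It works over a handful of constructed VPN log lines; the log format, the allowlisted network ranges, the default-account names and the failure threshold are all assumptions chosen for the illustration, and a real deployment would substitute its own.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample log lines (not real data); one line per remote-access attempt.
SAMPLE_LOG = """\
2024-03-01T08:02:11Z vpn user=jsmith src=198.51.100.23 result=success
2024-03-01T08:05:40Z vpn user=jsmith src=198.51.100.23 result=success
2024-03-01T02:13:44Z vpn user=admin src=203.0.113.45 result=failure
2024-03-01T02:13:47Z vpn user=admin src=203.0.113.45 result=failure
2024-03-01T02:13:50Z vpn user=admin src=203.0.113.45 result=failure
2024-03-01T02:13:53Z vpn user=admin src=203.0.113.45 result=failure
2024-03-01T02:13:56Z vpn user=admin src=203.0.113.45 result=failure
2024-03-01T02:14:02Z vpn user=admin src=203.0.113.45 result=success
2024-03-01T09:30:00Z vpn user=mlee src=192.0.2.77 result=success
"""

# Assumed allowlist: the only ranges with a legitimate business reason to connect.
ALLOWED_SOURCES = [
    ipaddress.ip_network("198.51.100.0/24"),
    ipaddress.ip_network("192.0.2.0/24"),
]
# Assumed vendor/default account names that should have been removed or renamed.
DEFAULT_ACCOUNTS = {"admin", "administrator", "root", "guest"}
# Assumed: this many failures from one user/source pair counts as a guessing burst.
FAILURE_THRESHOLD = 5

LINE_RE = re.compile(
    r"^(?P<ts>\S+) vpn user=(?P<user>\S+) src=(?P<src>\S+) result=(?P<result>success|failure)$"
)


def parse_line(line):
    """Return a dict for one log line, or None if the line is not in the expected format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["src"] = ipaddress.ip_address(entry["src"])
    return entry


def is_allowed(ip):
    """True when the source address falls inside an allowlisted range."""
    return any(ip in net for net in ALLOWED_SOURCES)


def review_access_log(text):
    """Return a sorted list of (finding, user, source) tuples worth a human's attention."""
    findings = set()
    failures = defaultdict(int)  # (user, source) -> consecutive failure count
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue  # unparseable lines are skipped; a real reviewer would count them
        user, src = entry["user"], entry["src"]
        if not is_allowed(src):
            findings.add(("unknown_source", user, str(src)))
        if user.lower() in DEFAULT_ACCOUNTS:
            findings.add(("default_account", user, str(src)))
        key = (user, src)
        if entry["result"] == "failure":
            failures[key] += 1
        else:
            # A success right after a burst of failures is the classic guessing signature.
            if failures[key] >= FAILURE_THRESHOLD:
                findings.add(("success_after_burst", user, str(src)))
            failures[key] = 0
    for (user, src), count in failures.items():
        if count >= FAILURE_THRESHOLD:
            findings.add(("failure_burst", user, str(src)))
    return sorted(findings)


def summarize(findings):
    """Count findings by kind, e.g. {'default_account': 1, ...}."""
    counts = defaultdict(int)
    for kind, _, _ in findings:
        counts[kind] += 1
    return dict(counts)


if __name__ == "__main__":
    for finding in review_access_log(SAMPLE_LOG):
        print(*finding)
```

Run against the sample, the two allowlisted users produce nothing, while the `admin` activity from 203.0.113.45 is reported three ways: an address outside the allowlist, a default account that should not exist, and a successful login immediately after a run of failures. The allowlist check is the same test a firewall or VPN concentrator applies when "filtering network traffic to only allow known IP addresses"; reviewing it again in the logs catches the cases where the filter was never applied.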

Founded in 2007, ImageQuest LLC offers managed IT services for companies in Nashville, TN; Louisville, KY; and Bowling Green, KY. Technology solutions include consulting, infrastructure, data compliance, cybersecurity services, and regulatory IT audit assistance. For more information, contact ImageQuest at 888.979.2679.

Criminals Are Ready. Are Your Employees?

As technology becomes more and more integrated into the workplace, cybersecurity attacks are quickly becoming a seemingly everyday occurrence. Even if you have a cybersecurity service in place, your Nashville business is – and will always be – a target. And your first line of defense is your employees.

Sadly, nearly half of all American workers are woefully undertrained. Even more alarming, approximately 8% of the nation’s employees have received no training at all. The vast majority of these are employees of small businesses, which are the most vulnerable to digital infiltration. Cybercriminals are fully aware of this training deficit and use this knowledge to find your business’s weakest link.

How Do They Do It?

As Nashville’s leading cybersecurity service, ImageQuest receives many questions about how, exactly, cybercriminals know which businesses to target and how information is accessed. The truth is that the people carrying out cybercrimes can tell very quickly which companies are an open smorgasbord of information. They do this by creating scenarios where an employee may feel comfortable giving out personal or business information. One example is a phishing email. This is a type of communication sent to resemble an incoming message from a trusted person or partner.

As an example scenario, let’s look at ABC Inc. Jane, an HR manager for Middle Tennessee’s fictional ABC, Inc., gets an email from “Admin@ABCInc.com.” The message asks her to update her payroll system login information. She clicks on a link that she believes will direct her to this system. She enters her information into a legitimate-looking form and thinks nothing more of it. The criminal who sent the message now has access to the company’s financial information, employee names and bank account numbers, and anything else that Jane has access to. A cybersecurity service offering employee training in Nashville could have prevented this.
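The giveaway in Jane’s message is one that a mail filter, or a trained employee hovering over the link, can spot mechanically: the link does not go where the sender’s domain or the visible link text suggests. The following is an added example, not code from ImageQuest or from this article, that applies that check to a constructed message modelled on the scenario. The sample email, the lookalike host name, and the simplified "last two labels" notion of an organisation’s domain are all assumptions made for the illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed message modelled on the ABC Inc. scenario; not a real email.
SAMPLE_EMAIL = """\
From: "ABC Inc. Admin" <Admin@ABCInc.com>
To: jane@abcinc.com
Subject: Action required: update your payroll login
Content-Type: text/html; charset=utf-8

<html><body>
<p>Jane, your payroll credentials expire today. Please sign in to confirm them.</p>
<p><a href="https://abcinc-payroll.example.net/login">https://payroll.abcinc.com/login</a></p>
</body></html>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Assumption: the last two labels are the organisation's domain.

    Adequate for .com names like the sample; a public-suffix list would be
    needed to handle suffixes such as .co.uk correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def link_domain(url):
    """Registrable domain of a URL's host, or None if the URL has no host."""
    host = urlparse(url).hostname
    return registrable_domain(host) if host else None


def html_body(msg):
    """Return the first text/html part decoded to str ('' if there is none)."""
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            payload = part.get_payload(decode=True)
            return payload.decode(part.get_content_charset() or "utf-8", "replace")
    return ""


def check_message(raw):
    """Return (sender_domain, findings); each finding is (kind, href, domain_seen)."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = registrable_domain(addr.rpartition("@")[2]) if "@" in addr else None

    extractor = LinkExtractor()
    extractor.feed(html_body(msg))

    findings = []
    for href, text in extractor.links:
        target = link_domain(href)
        if target is None:
            continue
        # Link points somewhere other than the domain the sender claims to write from.
        if sender_domain and target != sender_domain:
            findings.append(("link_domain_mismatch", href, target))
        # Visible text shows a URL whose domain differs from the real destination.
        shown = link_domain(text) if text.startswith(("http://", "https://")) else None
        if shown and shown != target:
            findings.append(("display_url_mismatch", href, shown))
    return sender_domain, findings


if __name__ == "__main__":
    domain, problems = check_message(SAMPLE_EMAIL)
    print("sender domain:", domain)
    for kind, href, seen in problems:
        print(f"{kind}: {href} (domain seen: {seen})")
```

On the sample, the sender claims `abcinc.com`, the link really goes to `example.net`, and the text Jane sees says `abcinc.com` again, so both checks fire. Neither check proves the message is malicious on its own (legitimate mail routinely links to third-party services), which is why the same two observations are worth teaching employees as hover-and-compare habits rather than relying on the filter alone.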

Cybersecurity Training Best Practices

Prevention is the best medicine for keeping cybersecurity attacks at bay. As a business owner, it is up to you to provide your employees with the tools they need to keep your information safe. Here are a few tips on how to get everyone up to speed and ready to combat corporate crimes in a digital world.

  • Do not lay blame. First and foremost, if your company is infiltrated, regardless of reason, do not blame your staff. Accept responsibility that they may not have received the proper data security training. Use it as a learning moment.
  • Start training. Contact a local cybersecurity service for training. Nashville’s ImageQuest begins this process by assessing your company’s current security protocols. The team then puts together a training package that covers cybersecurity from many angles.
  • Create awareness. Before training begins, prioritize cybersecurity awareness. This might be something as simple as sending your employees links to recent stories about data breaches in your industry. You might post flyers in the break room or host a catered “lunch and learn” session on the subject.
  • Work from the top down. Ensure that management sets the example. Your business’s leaders set the tone for how everyone else within your organization views cybersecurity.
  • Press for better passwords. Email scams are not the only way criminals access your data. Another is by guessing passwords. Criminals have automated this process and can easily guess passwords made only of ordinary words. One of the most effective ways you can block brute-force attacks is by requiring passwords to be a combination of special characters, letters, and numerals. According to Nashville’s cybersecurity service experts, the longer and more complex a password is, the harder it is to crack.
  • Start at onboarding. It is one thing to train your current staff on cybersecurity measures, but if you want your new procedures to stick, they must be prioritized when onboarding new employees. Starting from day one, make sure that your entire staff – even those who do not have access to the company’s networks and systems – understand the importance of awareness.
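The password point above is easy to turn into an enforceable rule, and doing so also shows why "a word plus some digits" is not what the advice means. The following is an added example, not code from ImageQuest or from this article. The minimum length, the number of character classes required, the tiny word list standing in for the dictionaries that guessing tools use, and the alphabet sizes used in the search-space estimate are all assumptions chosen for the illustration; the article itself gives no numbers.

```python
import math
import string

MIN_LENGTH = 12    # assumed policy value; the article does not specify one
MIN_CLASSES = 3    # assumed: of lower, upper, digit, special
# Constructed mini word list standing in for the large dictionaries guessing tools use.
COMMON_WORDS = {"password", "sunshine", "welcome", "nashville", "football", "letmein"}
# Assumed alphabet sizes for the brute-force estimate (32 covers common US-keyboard symbols).
CLASS_SIZES = {"lower": 26, "upper": 26, "digit": 10, "special": 32}


def character_classes(password):
    """Return the set of character classes present, e.g. {'lower', 'digit'}."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("special")
    return classes


def policy_violations(password):
    """Return a list of human-readable reasons the password fails the policy (empty = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(character_classes(password)) < MIN_CLASSES:
        problems.append(f"uses fewer than {MIN_CLASSES} character classes")
    # Strip digits and punctuation from the ends so 'Sunshine2024!' is still caught
    # as the dictionary word it is built on; guessing tools try exactly those decorations.
    core = password.lower().strip(string.digits + string.punctuation)
    if core in COMMON_WORDS:
        problems.append("is a common word with at most trivial decoration")
    return problems


def guess_space_bits(password):
    """Rough size of the space a brute-force attack must search, as a power of two."""
    alphabet = sum(CLASS_SIZES[c] for c in character_classes(password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


if __name__ == "__main__":
    for candidate in ("sunshine", "Sunshine2024!", "Tr!ll1um-Harb0r-42"):
        verdict = policy_violations(candidate) or ["passes"]
        print(f"{candidate!r}: {guess_space_bits(candidate):.0f} bits; {'; '.join(verdict)}")
```

The middle candidate is the instructive one: `Sunshine2024!` satisfies the length and character-class rules and scores far more bits than `sunshine` on the naive estimate, yet it still fails, because the estimate assumes an attacker who tries every string and real attackers start with dictionary words and their common decorations. Length and mixed classes are necessary, as the article says; a check against a word list is what makes the rule hard to satisfy with a lightly disguised word.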

ImageQuest offers cybersecurity service for Nashville businesses of all sizes. From a security assessment to event monitoring and employee training, ImageQuest’s IT Security Services are second to none. For more information or to speak with an expert, visit ImageQuest.com.