Steps to Avoid a Pricey Data Breach
Are you swimming in information security concerns? Avoid a pricey data breach by reading further.
Recent and startling new malicious attacks are causing organizations to re-think everything we know about our security posture – from breach prevention to response. Organizations are beginning to shift their focus on security when they have realized that sometimes, compliance isn’t enough.
With this “shark in water” reality, here are 5 steps your organization should be taking to avoid a data breach.
- Perform an Annual Risk Assessment. The number one thing all organizations should be doing is performing an annual risk assessment. Without this critical component of an information security program, organizations are left in the dark about where their assets reside, and what the risks to those assets are. How can you protect your critical and sensitive assets from a malicious data breach if you don’t know what you’re protecting them from? A risk assessment will help you identify all assets and prioritize risks based on an individual threat level. A formal, risk-based approach is key to any organization’s security posture, and should be the basis of your risk management program.
- Create a Culture of Security. Calling all management, board of directors, and stakeholders! Information security auditors can’t stress enough how important it is to create a culture of security within your organization. The best way to accomplish this is by having a solid tone from the top. What does this mean? Upper-level management must understand the importance of information security and let this understanding permeate throughout the organization, all the way down to the operations level and beyond. An important way to ensure that all employees are aware of their security obligations is to develop and maintain a policy that addresses information security for all personnel, and conduct annual security awareness training programs.
- Update Software and Install Patches. When WannaCry, the infamous ransomware attack, hit earlier this year, organizations were left scratching their heads in disbelief that it all could have been avoided if they hadn’t ignored a Microsoft software update. Why leave a known vulnerability open to attackers? Software updates are critical for preventing a data breach and safeguarding your sensitive data.
- Closely Manage Your Vendors. Most businesses today outsource critical business functions to third-party service providers. However, it’s important to note that it’s best practice (and often required by regulation) to perform due diligence by fully vetting your vendors to ensure they, too, are implementing appropriate and effective controls to protect your assets, and will not negatively affect the security of your organization. Even after you are contractually working with a third party, organizations should issue temporary passwords to any vendor connecting to your network, monitor and log all user activity, and immediately disable temporary vendor accounts after use. Doing so can help you detect any malicious activity promptly, and respond accordingly.
- Know your Incident Response Plan. While organizations spend so much time focusing on how to keep malicious attackers at bay, sometimes they can overlook what they should do in the event of a breach actually occurring. Incident response plans are not only important when it comes to dealing with a flood or power outage. Don’t be caught with your sails down if your organization is compromised and ensure you have a fully developed incident response plan that has been both documented and tested. Organizations should have a designated team that is available 24/7 to handle any type of security incident. These teams must be fully aware of their responsibilities in the event of a data breach and undergo regular training.
Here are the six steps of an incident response plan:
2. Detection & Identification
6. Lessons Learned
In today’s cyber threat landscape, we’re swimming with sharks. So, remember, when compliance isn’t enough, focus on hardening your systems and fully developing your information security program. It’s never too late to re-think your organization’s security posture. If you’d like help with your security program or would like to see where your security posture currently stands, contact me today at firstname.lastname@example.org.
Sarah Morris is a guest blogger from auditor KirkpatrickPrice. The original blog post may be found here. For additional information on security program best practices, visit the Center for Internet Security (CIS) or contact Sarah at email@example.com.