This is a thought leadership article by PrimeGlobal member firm K•Coe Isom which looks at cyber security best practices and assessing risk.
With the list of IT concerns ever growing and becoming more sophisticated with each day, it’s vital that all organizations, regardless of size or industry, practice basic cyber ‘hygiene’ and implement and follow best practices – your employees, customers, and business longevity all depend upon it.
Melissa DeDonder, Technology Advisor, K·Coe ISG suggests that you don’t need to understand every cyber threat out there to protect your business. The first step is awareness that your organization is vulnerable.
For those businesses who don’t have the IT resources or bandwidth to handle a comprehensive cybersecurity evaluation, making the small investment in a third party to evaluate, guide, and implement best practices is a drop in the bucket when compared to the amount of crippling losses we are seeing across the country due to cyberattacks.
There are four primary areas that every business should implement, and reevaluate at least annually. The cycle to follow includes: identification, protection, detection, and response.
A company should identify and quantify the level of risk associated with information technology and their IT assets by completing and maintaining a written risk assessment.
Considerations that may be on the assessment include: web-based interfaces, third-party risk, and physical security. A data flow diagram should also be in place so there is a clear understanding of how all assets are connected to the network and each other, segregated, and protected.
Organizations also need a comprehensive group of policies and procedures to govern the IT assets. These items are a roadmap and set expectations for the enterprise assets. Employees and owners cannot be expected to understand all relevant and critical expectations if they are not laid out in a clear, concise, written, and professional manner.
Protect with controls
Upon identification of risks, a plan to mitigate and protect against those risks must be implemented.
Technical controls: Protective action incorporates the use of technical controls, including content filtering, anti-spam, anti-malware, endpoint protection, reputation services, quarantine/sandboxing services, and email filters, which will help to stop hackers from getting into your organization.
Education: No matter the technical controls, some phishing and social engineering will likely make it past your defenses. This is why it is important to educate and test employees so they can spot and respond to phishing and other forms of social engineering before they become damaging.
Testing: Ensure all critical patches are tested and applied in a timely manner. Patches may need to be deployed to operating systems, browsers, browser add-ons, web server software, database software, and remote management software.
Enforcement: Ensure written password guidelines are current and enforced. This could include password length, complexity, and allowable attempts. Another best practice is to enable account lockout so that an account is locked after a set number of failed logon attempts.
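The password guidelines and lockout rule above, shown as an added example that is not from the original article or from K·Coe Isom; the policy values (12-character minimum, three character classes, 5 failed attempts, 15-minute lockout) are assumptions chosen for illustration:

```python
import time
from dataclasses import dataclass, field

# Assumed policy values for this example; a real policy document sets its own.
MIN_LENGTH = 12
MAX_FAILED_ATTEMPTS = 5
LOCKOUT_SECONDS = 15 * 60


def password_meets_policy(password: str) -> list[str]:
    """Return the list of policy violations; an empty list means the password is acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = [any(c.islower() for c in password), any(c.isupper() for c in password),
               any(c.isdigit() for c in password), any(not c.isalnum() for c in password)]
    if sum(classes) < 3:
        problems.append("needs at least three of: lowercase, uppercase, digit, symbol")
    return problems


@dataclass
class AccountLockout:
    """Tracks failed logons per user and locks the account after too many guesses."""
    failures: dict = field(default_factory=dict)      # user -> consecutive failed attempts
    locked_until: dict = field(default_factory=dict)  # user -> time the lock expires

    def is_locked(self, user: str, now: float) -> bool:
        until = self.locked_until.get(user)
        if until is None:
            return False
        if now >= until:                # lock expired: clear it and the failure count
            del self.locked_until[user]
            self.failures.pop(user, None)
            return False
        return True

    def attempt_logon(self, user: str, password_ok: bool, now: float = None) -> str:
        """Returns 'ok', 'failed' or 'locked'. A locked account rejects even a correct password."""
        now = time.time() if now is None else now
        if self.is_locked(user, now):
            return "locked"
        if password_ok:
            self.failures.pop(user, None)
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= MAX_FAILED_ATTEMPTS:
            self.locked_until[user] = now + LOCKOUT_SECONDS
            return "locked"
        return "failed"
```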
“An unprotected business today is a sitting duck. There is always someone attempting to penetrate your cyber firewalls to steal anything they can access,” Melissa DeDonder, Technology Advisor, K·Coe ISG
Detect and monitor activity
Next the organization should establish a baseline for normal operations. This will allow for early warning when the inevitable occurs.
Detection controls could include intrusion detection systems, endpoint detection, network traffic analysis, or honeypots. An individual with the correct capabilities, either within the company or through a managed service provider, should be monitoring these systems on a daily, weekly, and monthly basis.
It is becoming more common for a hacker to have access to a system months before an exploit. This extra time allows the criminal to infiltrate your systems, explore your network and learn your habits, and understand what is important to you and the company. An early detection system could help discover these threats and shut them down (response) before a crisis strikes.
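The "baseline for normal operations" idea above, as an added example that is not from the original article: a per-user baseline of logon hours and source hosts plus a daily logon-count threshold, run over constructed log lines (the log format, users, and hosts are invented for this illustration):

```python
import re
from collections import defaultdict
from statistics import mean, pstdev

# Constructed log format for this example: "YYYY-MM-DD HH:MM user=<name> host=<name> event=logon"
LOG_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}) (\d{2}):\d{2} user=(\w+) host=(\S+) event=logon$")


def parse(lines):
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            yield m.group(1), int(m.group(2)), m.group(3), m.group(4)


def build_baseline(lines):
    """Learn which hosts and hours each user normally logs on from, and the typical daily volume."""
    hosts, hours, per_day = defaultdict(set), defaultdict(set), defaultdict(int)
    for day, hour, user, host in parse(lines):
        hosts[user].add(host)
        hours[user].add(hour)
        per_day[day] += 1
    counts = list(per_day.values())
    return {"hosts": hosts, "hours": hours, "mean": mean(counts), "sd": pstdev(counts)}


def find_anomalies(baseline, lines):
    """Flag logons from never-seen hosts or hours, and days whose volume exceeds mean + 3 sd."""
    alerts, per_day = [], defaultdict(int)
    for day, hour, user, host in parse(lines):
        per_day[day] += 1
        if host not in baseline["hosts"][user]:
            alerts.append(f"{day} {user}: logon from never-seen host {host}")
        if hour not in baseline["hours"][user]:
            alerts.append(f"{day} {user}: logon at unusual hour {hour:02d}")
    threshold = baseline["mean"] + 3 * baseline["sd"]
    for day, n in per_day.items():
        if n > threshold:
            alerts.append(f"{day}: {n} logons exceeds baseline threshold {threshold:.1f}")
    return alerts


# Constructed baseline week: alice at 08 and 13 from her workstation, bob at 09; one extra bob logon on the last day.
BASELINE_LOG = [f"2024-03-0{d} {t} user={u} host=ws-{u} event=logon"
                for d in range(4, 9) for u, t in (("alice", "08:05"), ("alice", "13:10"), ("bob", "09:00"))]
BASELINE_LOG.append("2024-03-08 14:00 user=bob host=ws-bob event=logon")

# Constructed monitoring day: a 03:15 logon by alice from an unfamiliar gateway, and a burst of bob logons.
MONITOR_LOG = ["2024-03-11 08:02 user=alice host=ws-alice event=logon",
               "2024-03-11 03:15 user=alice host=vpn-gw event=logon",
               "2024-03-11 09:01 user=bob host=ws-bob event=logon",
               "2024-03-11 09:20 user=bob host=ws-bob event=logon",
               "2024-03-11 09:40 user=bob host=ws-bob event=logon"]
```

Running `find_anomalies(build_baseline(BASELINE_LOG), MONITOR_LOG)` raises three alerts: the unknown host, the unusual hour, and the day's volume; the baseline week itself produces none.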
Breaches are common, and even with the best defenses the worst can happen. If your data and credentials are stolen (and data encrypted), you will need to stop the damage the best you can, find out how the hackers got in, shut off continued access, and plot a recovery plan.
It is important to have an incident response management plan in place to address these items. The plan should address how to best protect and defend your organization, customers, and employees and should be updated regularly to include the ever evolving threats.
And finally, once the threat is contained, a business continuity management plan would need to be enacted quickly to get operations running and back to normal.
Behavior plays a key role in combatting cybercrime, and prevention is the best defense. The worst thing any business can do is put it off until later – a lack of attention to cyber prevention and security in this day and age becomes a matter of not if, but when.
K·Coe Isom is a top 100 accounting firm and the nation's leading food and agriculture consulting firm. With roots dating back to 1932, the firm has expanded upon traditional accounting services to deliver increased value and growth for clients through comprehensive policy-to-plate strategies and specialized advisory in the areas of sustainability, federal affairs, land conservation, wealth management, succession planning, managed accounting services, strategic advisory, and talent strategy - to name a few. K·Coe Isom provides insight and solutions for the many aspects of food and ag, including commodity crops, permanent and specialty crops, livestock and dairy, food and beverage production and manufacturing, equipment dealerships, beer distribution, and biofuels. Additionally, the firm advises and supports clients in the manufacturing, construction, technology, and banking industries. The firm serves domestic and international clientele from coast-to-coast office locations. To find out more about how we work together to serve our clients, watch our video.