With the increase in malware and ransomware attacks in the past year, it is clear that organisations should update their cybersecurity policies and processes. However, cybersecurity measures are just one aspect of an overarching business continuity plan. As we head into the holiday season and the new year, organisations must ensure that they not only have enhanced security measures in place, but also an effective recovery plan.
This may seem intuitive, but with the shifting digital landscape, it’s worth re-evaluating your recovery plan regularly as new threats emerge. Consumer trends also contribute to this, as any extended period of downtime (more than a day) can cause damage to an organisation’s reputation.
Therefore, organisations must have visibility into network traffic and be able to spot any unusual activity. This can be done either by a security team – or, for increased efficiency, by a tool that regularly scans for suspicious behaviour. Similarly, if there is a breach, security teams should have a clear process for detecting, tracking and saving any evidence. The reason for this is twofold: firstly, it may aid efforts to bring the affected server or service back online. Secondly, it will help diagnose the hack and help prevent future breaches.
Two other areas for organisations to consider are remote workers and any public cloud services. As has become evident this year, remote working can severely heighten cyber risk, as personal devices and networks may not have the security necessary to stop a cyberattack. Furthermore, employees may not practise good cyber hygiene when working from home. While providing employees with resources and cyber training is a good start, security teams will also need to grapple with the fact that they will have to deal with a heightened number of threats.
Similarly, outsourcing key functions to public cloud services for flexibility, scalability and simplicity may seem to be a clear business win. However, organisations lose visibility into those networks. This is changing somewhat, as cloud services are providing increased visibility. If your organisation uses a cloud service, make sure you check its policies regarding security monitoring.
Diagnosing and tackling the origin of a hack quickly will go a long way to minimising any potential downtime. Ensure that your organisation has all the visibility it needs to protect your services – and your business.