How to Prepare for a Cybersecurity Incident

A recent report by research firm, CyberEdge Group, found that 85.7% of Canadian organizations experienced at least one cyberattack within a 12-month period in 2021. The reality of this statistic is that for most organizations, no matter their size, it is only a matter of time before an incident impacts their business. The best strategy to have, as an organization, is to be prepared for an incident.   

As IT Service Providers, here are some of the areas that MicroAge recommends our clients implement to prepare their organization for defence against cybersecurity attacks. 

1. Patching

Having a consistent and effective patching process is an important part of mitigating the risk of a cyber-incident. Patching remediates vulnerabilities in operating systems and applications. Additionally, organizations should be aware that older technology may be a security risk when it is no longer supported by the developer or manufacturer. Since the technology is no longer supported, no patches to remediate any bugs or vulnerabilities are released. Bad actors will find and exploit these open doors.   

2. Configuration and Management

Many of the attacks that have taken place in the recent past have been the result of misconfigured firewalls or mismanagement of the technology on a network’s edge. It is important to ensure that organizations have the right technology that is properly configured, monitored, and managed to ensure that they continue to be updated, properly configured and secure.  

3. Protect Email

Phishing is still one of the leading causes of system breaches. Ensuring that the right technology such as, email spam and malware filtering, blocking of nefarious websites, employee cyber awareness training and testing programs as well as other solutions and services, are put in place as they are crucial to the security of organizations.  

4. Endpoint Protection and Monitoring

It is important to have an endpoint protection and response solution to watch for abnormal behaviours and responding to events. Just as important is monitoring the endpoints to make sure that malicious events are taken care of quickly and effectively.

5. Website Usage

As pointed out earlier, a solution is needed to block nefarious websites as well as websites that are known to be infectious such as gambling or adult entertainment sites. However, extending that to putting in policies internally so that local administration accounts cannot surf the internet in addition to good patching hygiene must also be put in place. 

6. Password Policies

Requiring complex and minimum length passwords is important to a good password management policy but remember that as the sophistication of bad actors increases, these requirements change. Staying up to date on these requirements is important. You can also invest in a secure password management solution. Adding multifactor authentication (MFA), and least privilege solutions and policies make it even harder for cybercriminals to gain access to systems and applications. All these policies and solutions must also apply to any remote desktops (RDP) or virtual desktops. Do not leave them vulnerable.  

7. Restrict Traffic

Do not allow unrestricted traffic through your virtual private network (VPN). It is very dangerous and a big security risk to have VPN accesses without multifactor authentication, access controls, segmentation of the VPN and zero trust policies. 

8. Segmentation

Whenever and wherever possible segment networks, specific machines, and processes to protect your environment and avoid widespread infection to critical systems, applications, and processes.  

9. Limit what your own people can do

If your internal people are given accesses to all of your systems, then, if a cybercriminal gains control of their account, they will have access to all of your environment and can cause widespread damage. Limiting accesses internally can limit the damage done by cybercriminals.  

These are but a few of the tips to ensure your business minimize the risks of a cyber incident. There are other services, solutions, and policies such as documentation and log preservation, that can help in preparing for an incident.

Call MicroAge today to learn more about how we can help you. 

Get the most from your IT

As service providers to more than 300 companies, the dedicated professionals at MicroAge are second to none when it comes to managed services. By improving efficiency, cutting costs and reducing downtime, we can help you achieve your business goals!

Most commented posts

The Internet of Things and Cybersecurity

As technology continues to advance at breakneck speed, more often than not we are left with smart devices. Every day it seems like there is…

Read More

What the End of Support for Windows Server 2008 Means for You

Cloud services that allow us to store data online are critical to the operations of thousands of businesses around the world. However, as technology marches…

Read More
audit tech

Back to the Office: Auditing Tech and Adjusting your Business

Many businesses were not ready for the global health crisis we were plunged into and needed to adapt quickly. Now that economies worldwide are reopening…

Read More
Create a team in Microsoft Teams

How to Build a Team in Microsoft Teams in 10 steps

Many organizations have started using Microsoft Teams for online meetings and chat. The fact is, in the past year, the usage of Microsoft Teams has…

Read More
creating incident response plan

Creating Your Incident Response Plan 

In a previous article we wrote about the activities and information required to create an effective incident response plan. In this article we will talk…

Read More