For many organizations, this is the time of year for forecasts and budgets for the upcoming year. From an IT perspective there are many considerations but there is no denying that cybersecurity is top of mind for 2023, as it has been for the last several years.
Let’s look at some of the considerations as organizations plan and budget from a cybersecurity perspective.
A large majority of cyberthreats can be mitigated by having what experts refer to as good cybersecurity hygiene. Simply described, these are a set of tools and practices that are performed on a regular basis to maintain the security of an organization’s users, devices, networks, and data.
Let’s look at some of these basic cybersecurity hygiene practices.
Firewalls and routers
These are the most basic tools in cybersecurity. However, some of the problems we see as IT Service Providers are:
- Consumer grade solutions in business environments. The needs of organizations are very different from those of individuals or home users. The consequences of a cyber incident can also be very different for organizations versus individuals. Business grade solutions for organizations are a must.
- Misconfiguration – Organizations can have the best business grade solutions in the market but if they are not set up and configured properly, the organization remains at risk. Also, it is imperative that you have a look at the configurations from time to time to ensure they still meet the needs of the organization.
Organizations must have strong password policies. Simple passwords, passwords that are recycled or passwords that are being used for personal and business purposes are an open door for cybercriminals to walk into an organization’s environment. Current standards dictate having passwords that are at least 12 characters long and include numbers, upper and lowercase letters, and symbols. However, as cyber criminals use more evolved tools to hack passwords, organizations will need to update their password strategy to keep up to date on the latest standards and trends.
Again, this is a basic function that helps mitigate risk. Having a patch management process to prioritize patching of equipment, applications and tools, especially when they involve known security flaws, should be a critical part of your cybersecurity hygiene.
Endpoint Detection and Response (EDR)
Antivirus solutions of old are now obsolete and useless against today’s sophisticated threat actors and their tools. EDR solutions that combine real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities are now part of the basic cybersecurity toolset.
Multifactor Authentication (MFA)
We have heard a lot about the importance of MFA over the last few years. MFA requires multiple authentications of access to systems and applications. The reason for that is that it has proven to be effective in preventing the majority (98% according to Microsoft) of account-compromising attacks. It is not 100% foolproof but continues to be an excellent tool in mitigating cyberattacks.
Cybersecurity Awareness Education and Testing
A cyber incident can be as close as someone clicking on a malicious link or visiting a malicious website. Educating the team members of organizations, from the executives to the office administrators, helps reduce the risks of a cyber breach and again is a basic cybersecurity hygiene requirement.
Again a basic process which involves dividing a network into multiple segments, each acting as its own small network. This limits the damage and scope of a cyberattack should a threat actor get into an organization’s environment.
Privileged Access Management
The restriction of access rights and permissions for users, accounts, applications, systems, devices, and computing processes to the absolute minimum necessary to perform routine, authorized activities. Restricting access rights and permissions helps organizations reduce their attack surface and mitigate the damage that can be caused by external attacks as well as from insider threats or negligence.
Protect sensitive, private, and confidential information by ensuring that you use data encryption solutions on devices and files and that the data is encrypted both as it moves inside and outside the organization (in transit) as well as when it is not in use (at rest).
Having a backup strategy ensures that critical information is regularly duplicated and stored in a secure location. It is also important that the data is available and accessible should it be necessary to retrieve it due to a cyber incident, an error (mistakenly deleting a file) or a disaster, natural or otherwise (fire, hurricane, etc.). Best practices for backups include the following:
- Always have three copies of your data. Your production (in-use) data and 2 additional copies.
- Two additional copies which should be on different media ex: Cloud, external drive, Network Attached Storage (NAS)
- One offsite copy which can be cloud-based data replication or an external drive that is taken offsite
- One offline copy. This is also referred to as an air-gapped or immutable backup. This means that there is no connection between the Offline backup and the network
- Ensuring zero errors after data recovery which entails the ability to restore files and folders correctly. This means backups should be monitored and verified on a regular basis to ensure recoverability.
The above are the basics when looking at your cybersecurity plan and budget for 2023. If any of these are missing or not implemented, they should be prioritized, planned, and budgeted for implementation without delay.
Other Considerations for Cybersecurity Planning and budgeting for 2023
Some of the other considerations for cybersecurity planning and budgeting, if the basics are covered, may involve:
- Compliance or privacy requirements based on your industry or market you are in.
- The evolution of cybercriminal tools, technology, and business models such as ransomware-as-a-service
- New or updated cybersecurity insurance requirements
- Geo-political or supply-chain considerations
The thing that must be kept in mind about cybersecurity is that it is a journey. The best approach is to develop a process that continuously assesses the cybersecurity posture of organizations and adapts to the evolving landscape.
MicroAge can help you with your cybersecurity journey. Contact us today to see how we can assist you.