How to Prepare for a Cybersecurity Incident

A recent report by research firm CyberEdge Group found that 85.7% of Canadian organizations experienced at least one cyberattack within a 12-month period in 2021. The reality of this statistic is that for most organizations, no matter their size, it is only a matter of time before an incident impacts their business. The best strategy for an organization is to be prepared for an incident.

As IT service providers, we at MicroAge recommend that our clients address the following areas to prepare their organization to defend against cybersecurity attacks.

1. Patching

Having a consistent and effective patching process is an important part of mitigating the risk of a cyber-incident. Patching remediates vulnerabilities in operating systems and applications. Additionally, organizations should be aware that older technology may be a security risk when it is no longer supported by the developer or manufacturer. Since the technology is no longer supported, no patches to remediate any bugs or vulnerabilities are released. Bad actors will find and exploit these open doors.   

2. Configuration and Management

Many of the attacks that have taken place in the recent past have been the result of misconfigured firewalls or mismanagement of the technology on a network’s edge. It is important that organizations have the right technology, and that it is properly configured, monitored, and managed so that it stays updated and secure.

3. Protect Email

Phishing is still one of the leading causes of system breaches. Putting the right technology and services in place, such as email spam and malware filtering, blocking of nefarious websites, employee cyber awareness training and testing programs, as well as other solutions and services, is crucial to the security of organizations.

4. Endpoint Protection and Monitoring

It is important to have an endpoint protection and response solution to watch for abnormal behaviours and respond to events. Just as important is monitoring the endpoints to make sure that malicious events are taken care of quickly and effectively.

5. Website Usage

As pointed out earlier, a solution is needed to block nefarious websites as well as websites that are known to be infectious, such as gambling or adult entertainment sites. Beyond that, internal policies that prevent local administrator accounts from surfing the internet must also be put in place, in addition to good patching hygiene.

6. Password Policies

Requiring complex, minimum-length passwords is important to a good password management policy, but remember that as the sophistication of bad actors increases, these requirements change. Staying up to date on these requirements is important. You can also invest in a secure password management solution. Adding multifactor authentication (MFA) and least-privilege solutions and policies makes it even harder for cybercriminals to gain access to systems and applications. All these policies and solutions must also apply to any remote desktops (RDP) or virtual desktops. Do not leave them vulnerable.

7. Restrict Traffic

Do not allow unrestricted traffic through your virtual private network (VPN). It is very dangerous and a big security risk to have VPN access without multifactor authentication, access controls, segmentation of the VPN and zero trust policies.

8. Segmentation

Whenever and wherever possible, segment networks, specific machines, and processes to protect your environment and avoid widespread infection of critical systems, applications, and processes.

9. Limit what your own people can do

If your internal people are given access to all of your systems, then a cybercriminal who gains control of one of their accounts will have access to all of your environment and can cause widespread damage. Limiting access internally can limit the damage done by cybercriminals.

These are but a few of the tips to help your business minimize the risks of a cyber incident. There are other services, solutions, and policies, such as documentation and log preservation, that can help in preparing for an incident.

Call MicroAge today to learn more about how we can help you. 
