There are several proactive actions that can be implemented to mitigate IT security risks and keep your firm prepared.

When it comes to eliminating the risk of an IT security incident at your firm, the only way to get to zero risk is to not be in business.

However, there are several proactive actions that can be implemented to mitigate risks and keep your firm prepared. Ultimately, mitigation is about minimizing the risk factors, assessing the cost, and making plans to recover as quickly as possible with minimal loss and downtime.

While it would be difficult (and frankly, boring to most readers) to provide a comprehensive list of disaster recovery, cyber-attack response, and malware prevention tools, this article is designed to provide an overview of four categories of mitigation strategies that can help protect your firm – whether you have an in-house IT department, outsourced IT, or you do it all yourself.

Let’s take a look:

  • Classification. Classification includes defining and understanding the events that can cause business downtime or data loss. To keep it simple, there are two main classification categories: infrastructure loss and cyber-attack/corruption.
    Infrastructure loss happens when you lose access to the physical environment. This occurs if your building floods, burns, or a truck drives through the front of it. Infrastructure loss also includes lost connection to local hardware, such as if a gas leak shuts off access to your space, which can be especially detrimental if your firm has a local server. For engineering firms, this is a particular challenge since most employees work with large CAD files; limited or lost access can be detrimental to productivity and projects.
    We’ll delve into mitigating risks for a cyber-attack/corruption soon, but for this “classification” category, it’s important to understand each type of event and how it could impact your business.
    In either case, our best advice is to create a disaster recovery playbook. This step-by-step, written plan for each scenario with important login information and phone numbers can provide an established, strategic gameplan in the case of an emergency.
  • Insurance. Speaking of cyber security, having the right insurance to protect against infrastructure loss and cyber-attacks is critical and one of the most comforting “tools” you can have in your toolbox.
    To start, add a cyber-security policy or rider to your existing business insurance. If your firm already has a policy, review it to understand what it does and doesn’t cover.
    For example, an electronic data loss policy typically only covers the replacement cost for hardware, and does not apply in the case of cyber-attacks or malware events. At Croy, our policy includes access to a third-party security firm that specializes in malware attacks. In the event of an incident, this is our first phone call (the phone number is included in our disaster recovery playbook for quick reference). The security firm will assess the damage, determine if the cost/time for recovery is worth the investment, and even negotiate and pay the ransom, if needed. It is an investment that is well worth it in our books.
    After reviewing your insurance policy’s details, follow up with a call to your insurance provider to dig deeper and get a full picture of your coverage.
  • Infrastructure. Keeping your business environment safe means making it a weekly priority to manage, update, and/or patch your equipment, including all infrastructure, servers, workstations, and AV.
    To begin, check your router, firewall, or wireless access points for firmware and software updates. Threat actors are constantly looking for and sharing exploits or bugs that take advantage of weaknesses in either firmware (component-level) or software (the operating system in your router, firewall, etc.), which makes this task a priority.
    Most providers are proactive about pushing out updates to patch their equipment, but it is still necessary to update your internet-facing equipment and workstations as well. To make sure your machines are receiving and applying updates at regular intervals, I recommend having automatic updates turned on.
    At Croy, our IT team uses automatic updates and network monitoring tools that show us how far behind each machine is on updates. This allows us to prompt a user to install or reboot when an update or patch needs to be applied. But this step can also be as simple as making sure you and your employees are checking and installing updates regularly.

Want more tips? Continue reading this article at The Zweig Letter.