Quest Technology Management

Helping clients manage their technology for over 30 years.

12 ways to defend your business against cyberthreats

 business continuity strategy best practices

As cyberattackers exploit new techniques and get better at covering their tracks, several types of cyberthreat now loom large:

Here are 12 action items that can help your clients protect their businesses:

1      Review ransomware response plans

Endpoint protection is essential but not foolproof, so everyone in an organization needs to know how to react to a ransomware attack.

2      Boost server protection

Your clients should ask and answer the following questions. Is server access protected by two-factor authentication? Are servers properly configured and running endpoint protection? Is server data encrypted? Is server data regularly backed up/archived off-site and off-line?

3      Make sure power supplies can withstand disruption to the electrical grid

Your clients’ organizations should have a plan in place to continue operations during events that impact industrial control systems.

4      Embrace compliance requirements

Since data is both an essential asset and, when compromised, a potentially enormous liability, your clients’ ability to meet compliance and audit requirements can differentiate a business enabler.

5      Map all data

Even beyond compliance and audit demands, your clients need to know what data their organization handles — as well as how, where, and why — to make sure all data uses are documented and appropriately protected.

6      Use cloud security services

Agile cloud security services can implement new detection capabilities faster than on-site options. Opt for customizable solutions that exploit clouds’ scale, increased data telemetry, machine learning, API-based access, and staff expertise.

7      Move beyond breach prevention alone

Your clients should also focus on supporting business resilience and response to cyberattack. This means crafting and deploying strategic plans that balance detection, prevention, response, and recovery.

8      Incorporate processes that enable continuous adaptive responses to risk and trust assessment

This will help your clients identify issues early on and better manage the risks associated with digital business ecosystems.

9      Communicate with senior leadership in the language they understand

To get critically important senior leadership support, avoid techno-speak and spotlight business consequences of cyberthreats.

10      Understand the role of machine learning/AI

Soon, machine learning will enable humans and machines to complement each other and outperform what each can accomplish alone.

11      Improve employee cybersecurity training

This means going beyond baseline training to customize cybersecurity training according to your clients’ particular enterprise and even to specific employee roles and responsibilities.

12      Get trustworthy help

Unless your clients have a depth of cybersecurity and risk management expertise in-house, encourage them to seek expert help you and they can trust.