National Cybersecurity Awareness Month is commemorating its 15th year as an annual initiative to raise awareness about the importance of cybersecurity. NCSAM 2018 is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats.
Most of us have heard the term Cybersecurity, but what does it mean? Cybersecurity is defined as the protection of internet-connected systems, including hardware, software and data, from cyberattacks. This is comprised of both physical security and application security.
One of the most challenging elements of cybersecurity, is the continuous evolving nature of security risks. Historically, we have been reactive to events that have occurred, such as the 2018 attack on Under Armour’s MyFitnessPal application in late February. This cyberattack compromised usernames, email addresses and passwords from the application’s approximate 150 million users.
However, we need to be proactive. We need to protect ourselves before a cyberattack occurs. So, how do we do this? Let’s look at the following items:
- Application Security
- This is the use of software and hardware to protect applications from external threats
- Strong security software for each computer (PC, Mac, Linux, etc.) is needed to protect both the computer and the business network from an attack.
- A paid security software is recommended that would include Anti-Virus, Anti-Malware, a software Firewall, and Anti-Ransomware.
- Work with your IT Professional to make sure that you have a strong security package.
- Network Security
- This is a layer of protection that consists of mostly hardware devices to protect any unwanted attacks from the outside.
- The most important protection is a Firewall. This is a physical device that is placed on the network, between the internet and your computers & servers.
- This protects your network from attacks. The key to having a good Firewall is to make sure that the firmware (Firewall operating system) is current and up-to-date. Your IT Professional can help you keep this firmware current.
All businesses need to have a Disaster Recovery / Business Continuity plan in place and have it practiced at least once every year. A Disaster Recovery plan will list all the steps that need to be taken in the case of a disaster (i.e. Hurricane, Tornado, Fire), so that the business can be reopened and continue to operate as quickly as possible.
Lastly, we need to teach our employees and co-workers what to look for and what not to open, to allow for the protection of our business. We can protect our business using Security Software and a physical Firewall, but it is the employee’s responsibility to know what email not to open and what weblinks should not be clicked on.
A study by FEMA (Federal Emergency Management Agency) states that 40% of businesses do not reopen after a disaster and another 25 percent fail within one year. To survive, business owners need to prepare for an emergency and a Disaster Recovery Plan is an important part of the process. A key component to saving your business from possible failure is having data backups kept off-site (such as in the Cloud) and checking them often to verify that the backups are working.
Another proactive approach to protecting your business is to have a cybersecurity assessment performed of your computers and your computer network. This is typically a multi-step process and includes an External Vulnerability Assessment (testing your Firewall to make sure that no one can hack into your network), an Internal Vulnerability Assessment (to check everything inside of the Firewall to verify that all devices are properly protected), and a Penetration Test.
Penetration Testing is the practice of testing the computers, network, and a web application, to find the vulnerabilities that an attacker could exploit. A Penetration Test can be performed using an automated process or can be performed manually. The main objective is to determine and attempt to exploit weakness, and are performed by the good guys (like Elijah) who are trying to break into the network & computers so that the bad guys can’t.
To learn more about how a Cybersecurity Assessment, External Vulnerability Assessment, Internal Vulnerability Assessment, and/or Penetration Test can help protect your business, reach out to Elijah or other trusted managed IT and cybersecurity experts.
Founded in 2003, ELIJAH is a multi-award-winning leader in providing expert digital forensic, data security solutions, and managed IT. ELIJAH is owned and managed by former litigation partners and is an efficient boutique digital forensic, cybersecurity and IT solutions provider that makes clients’ lives easier through effective communication and white glove service. For additional information, please visit http://www.elijaht.com or call 866-354-5240.
Elite Networking and Consulting is now part of ELIJAH. ELIJAH looks forward to continuing to deliver managed IT services with the same degree of care and high standards created by Elite. ELIJAH is also pleased to broaden our scope of expertise in providing digital forensic, cybersecurity and IT solutions.