cyber security best practices
TRANSCRIPT
Cyber Security Best Practices
YOU HAVE MORE TO SECURE THAN EVER BEFORE
NetworkMobile DevicesEmail systemsSoftware programsBusiness applicationsBusiness documentsHR docs / employee info
And more
SECURITY THREATS
User Error
Theft Phishing Scams
Malware
Legacy Systems
30% of phishing emails are opened, and 12% of
targets click on the link or attachment
SMBs are the primary targets for
ransomware, but only 34% test backups
regularly
$$
$SMBs lose
$7K -
$74K for each hour of downtime.
44% of small businesses report being the victim of
a cyber-attack.
Ransomware victims paid
$24M to regain access to their data in 2015 alone.
THE COST OF RANSOMWARE
1. Common cybersecurity mistakes to avoid
2. Things you need to know about ransomware
3. Creating a security policy
WHAT WILL YOU DO TO REDUCE YOUR
VULNERABILITY?
COMMON CYBERSECURITY MISTAKES
POST-IT FULL OF PASSWORDS 1.
The Fix: Explain to your
employees why
this is a bad idea,
and give them
some ideas on
how to manage
passwords safely.
OUTDATED OPERATING SYSTEMS2.
The Fix:
If you’re running outdated operating systems, it’s time to transition to something more secure.
SECURITY SOFTWARE THAT NEVER GETS UPDATED3.
The Fix:
Check for updates• Firewall• Anti-virus• Etc..
Replace old outdated security
equipment
OLD EMPLOYEES STILL HAVE ACCESS
The Fix: Set up a solid password policy and have passwords expire every 90 days.
4.
THINGS YOU NEED TO KNOW ABOUT RANSOMWARE
WHAT IS MALWARE?
MalwareMeans ‘malicious software’
Malware can enter a system through downloads, email attachments, advertisements, or any type of hole in the security of the system.
THE THREAT OF RANSOMWARE CONTINUES TO GROW
U.S. government estimates there are now 4,000 ransomware attacks being launched per day.
https://www.justice.gov
This is a 300% increase over the attacks seen per day in 2015.
PUT TECHNICAL SAFEGUARDS IN PLACE As a best practice, have an intrusion-prevention system and security software running on your computers.
Antivirus software
Firewalls
Spam filters
TRAIN EMPLOYEES
As a best practice, you should require all new employees to complete cybersecurity training, and then offer it on an ongoing basis to avoid information being missed.
PROVIDE EXAMPLES
Ransomware examples show employees what a
threat looks like so they’ll know the warning signs and be able to identify a suspicious message or attachment before they
click on anything.
CREATING A SECURITY POLICY
Limit PermissionsIf employees don’t need access
to sensitive information and assets to complete their job,
limit their permissions.
IDENTIFY ROLES AND RESPONSIBILITIES
DEFINE DATA RETENTION PARAMETERS
Perform a disaster drill
How long do you need
your data?
What regulations do you need to have in
place?
Do you have to be
compliant with any
regulations?
?
Military-
grade
256AES
MAKE SURE ENCRYPTION AND COMPLIANCE NEEDS ARE MET
10
10
10
10
01
10
01
10
01
10
01
01
01
01
01
00
11
00
11
00
11
00
10
11
0
BACK IT UP
• Choose the right technology partners
KEY TAKEAWAYS
Take precautions to safe-guard your data
• Applications and software up to date• Firewall, anti-virus, email security
Cybercriminals are taking advantage of new attack vectors – mobile devices, web-enabled and mobile applications and web browsers – to accomplish their mission.
Click here to learn how to quickly deploy web security as a cloud service to protect against increasingly sophisticated attackers.
TwitterFacebookLinkedIn
THANK YOU.