Cybersecurity measures that all businesses should take in 2017
May 23, 2017 5:59am
Cybercriminals’ hacking techniques are constantly evolving. Older security systems can now be bypassed with ease – which means if you’re running a business, it is absolutely crucial to use up-to-date defense measures to combat hacking activities. Let’s take a look at some of the cybersecurity measures that every business should be taking in 2017.
Strong password policies
Even if you have all recommended cybersecurity measures in place, they can all fall down if you use weak and predictable passwords. If a cybercriminal is able to hack your password, they will be able to immediately bypass the vast majority of your defenses. This will leave them able to steal data and leave lasting damage that affects not only you and your employees but also your customers.
You should never use a password that includes something like the names of your children or pets; sophisticated cybercriminals can use surveillance and social engineering techniques in order to establish likely words. Also avoid obvious dates such as birthdays for the same reason.
A strong password is a sentence that is at least 12 characters long – this can include spaces, punctuation or numbers, too. A strong password might be harder to remember, but it also makes it harder for hacking software to crack your password. You should also avoid using the same password for multiple accounts. Check out the National Cyber Security Alliance’s Tips for Passwords and Securing Your Accounts for more account security advice.
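The password rules above expressed as a check, as an added example that is not part of the original article. The function names, the sample pet name and birthday, and the comparison against a list of passwords already in use (for instance during a password manager audit) are assumptions.

```python
import re
from datetime import date

MIN_LENGTH = 12  # minimum length stated in the article


def date_fragments(d):
    """Digit strings people commonly derive from a date such as a birthday."""
    dd, mm, yyyy = f"{d.day:02d}", f"{d.month:02d}", f"{d.year:04d}"
    yy = yyyy[2:]
    return {yyyy, dd + mm, mm + dd, dd + mm + yy, mm + dd + yy,
            dd + mm + yyyy, mm + dd + yyyy, yyyy + mm + dd}


def check_password(candidate, personal_words=(), personal_dates=(), in_use=()):
    """Return a list of policy violations; an empty list means it passes."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")

    # Compare case-insensitively and ignore separators, so "B-ella" still matches.
    letters = re.sub(r"[^a-z]", "", candidate.lower())
    for word in personal_words:
        key = re.sub(r"[^a-z]", "", word.lower())
        if len(key) >= 3 and key in letters:
            problems.append(f"contains personal name '{word}'")

    # Keep only digits so 14/02/1985 and 14-02-1985 are both caught.
    digits = re.sub(r"\D", "", candidate)
    for d in personal_dates:
        if any(frag in digits for frag in date_fragments(d)):
            problems.append(f"contains date {d.isoformat()}")

    if candidate in in_use:
        problems.append("already used for another account")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs: a pet name and a birthday.
    for pw in ("Bella2017", "violet kettles hum at noon!"):
        print(repr(pw), check_password(pw, ["Bella"], [date(1985, 2, 14)]))
```

The date check is deliberately strict: any digit run that matches a common rendering of a listed date is flagged, even if it appears by coincidence.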
As hacking techniques change and become more advanced, they can be harder for people to recognize. Some hacking attempts can seem like genuine requests for logins, which can be easy to fall for. If one of your colleagues or employees provides their login credentials after receiving one of these requests, hackers will have full access to your systems, and by the time you realize there has been a breach, it could be too late. Make sure your employees are educated on how to spot hacking attempts and illegitimate emails so you can avoid potential problems.
Penetration testing is a great way of detecting any vulnerabilities in your system, allowing you to upgrade further and protect against any threats. Penetration tests are designed to challenge your existing systems and cybersecurity defenses and to try and bypass them. Tests carried out during penetration testing typically replicate commonly used hacking techniques to see whether your system contains any vulnerabilities.
Typically, penetration testing will also include a report highlighting any issues or potential problems with your system found during the tests. This is a great way to improve your overall security, allowing you to nip any problems in the bud before a hacker can use them to their advantage. Penetration testing can also help your business remain compliant with industry regulations and demonstrate your company’s commitment to cybersecurity.
Ethical hacking might sound contradictory, but it is a great way of testing and improving your defenses. Ethical hacking is carried out by cybersecurity experts and simulates a real attack by mimicking the techniques used by criminal hackers to probe your system, test for weaknesses and attempt to gain access. These experts stay up to date with the latest hacking techniques in order to see if your defenses can stand up against them. This allows you to improve your defenses and grants you greater protection in the long run.
While ethical hacking may sound like the same thing as penetration testing, this is not the case. Penetration testing is often used as part of ethical hacking and uses digital techniques to breach the system, such as bypassing firewalls, predicting passwords and more. Ethical hacking can also use other techniques employed by hackers such as phishing attempts and more.
Managed detection and response
While preventive measures and regular testing are important parts of cybersecurity, they are no longer enough. Cybersecurity experts now state that managed detection and response (MDR) is an essential security measure in 2017. Gartner, the world’s leading information technology research company, predicts that 2017 will see a major increase in spending on MDR, with more than $113 billion to be spent on information security by 2020.
MDR services monitor your system 24/7 to watch out for any threats or security alerts. Having MDR in place means that if someone tries to gain access to your system, an instant alert will be sent out to whoever is running the MDR service for you, allowing them to quickly respond and to try and combat the problem.
Being able to identify and respond to malicious hacking attempts before they can cause damage to you and your business is now more important than ever. If you are running a business, you would be wise to incorporate MDR services into your defenses this year.
About the author
Mike James is an independent writer and cybersecurity specialist who regularly works with MDR expert Redscan, a UK-based provider of managed threat detection services and other cyber defense measures.