top of page

Did you know that basic cyber hygiene can prevent up to 98% of cyberattacks?

Writer's picture: Joe TierneyJoe Tierney

In the modern digital era, businesses are more dependent than ever on technology and online platforms. With this increased reliance comes the paramount importance of maintaining robust cyber hygiene.



1. Multifactor Authentication (MFA) is Essential:


  • MFA requires multiple verification factors, making it challenging for attackers. Simply knowing a password isn't enough.


  • With MFA, you can thwart 99.9% of attacks on your accounts.


  • It's crucial to choose an MFA method that offers minimal friction for users, such as biometrics or FIDO2 compliant security keys.


Common phishing attacks


In a phishing attack, criminals use social engineering tactics to trick users into providing access credentials or revealing sensitive information. Common phishing attacks include:








 

2. Zero Trust is the Future:

Zero Trust security layers


  • Zero Trust is a comprehensive security approach that verifies every transaction, asserts least-privilege access, and responds in real-time to threats.


  • Key principles include assuming a breach, explicitly verifying, and using least privilege access.


  • Overly restrictive security can be counterproductive, leading users to find workarounds that may compromise security.


 


3. Modern Anti-Malware is a Must:


  • Use extended detection and response anti-malware to detect and block attacks automatically.


  • Automation in threat detection and response is crucial. This includes automating alert collection, prioritization, and tasks.


 

4. Keeping Systems Up to Date:


Unpatched and outdated systems are a primary reason many organizations become vulnerable to cyberattacks. It's crucial to ensure all systems, including firmware, operating systems, and applications, are regularly updated.


Best Practices:

  • Apply patches, change default passwords, and modify default SSH ports to fortify devices.

  • Minimize the attack surface by eliminating unnecessary internet connections, restricting remote access, and using VPN services.

  • Transfer files containing system definitions securely and monitor network activity.

  • Implement continuous monitoring and automated remediation


 

5. Protecting Data:


Understanding your critical data, its location, and ensuring the right protective systems are in place is vital.


5 Pillars of a Defense-in-Depth Approach to Data Security:

  1. Identify the Data Landscape: Gain complete visibility into your entire data estate, whether on-premises, hybrid, or multi-cloud.

  2. Protect Sensitive Data: Label and classify your data accurately to understand how it's accessed, stored, and shared.

  3. Manage Risks: Address insider risks by combining the right people, processes, training, and tools.

  4. Prevent Data Loss: Ensure proper access controls and policies to prevent unauthorized use of data.

  5. Govern the Data Lifecycle: Create a unified approach across the enterprise for proactive data lifecycle management.


Conclusion:


While cyber threats continue to advance, it's worth noting that basic cybersecurity hygiene—such as enabling MFA, applying Zero Trust principles, keeping systems updated, using modern anti-malware, and safeguarding data—can prevent up to 98% of cyberattacks.

Comentários

Avaliado com 0 de 5 estrelas.
Ainda sem avaliações

Adicione uma avaliação

Get in touch

Keep up to date

Never miss an update

Thanks for submitting!

bottom of page