"Shark Tank" Star Robert Herjavec Shares a Guide for Rebuilding After a Cyber Attack
The TV personality, bestselling author and CEO of a global IT security firm lays out an action plan for the businesses and organizations that want to strengthen their cyber security.
It can take a seminal attack like this to make us all pay attention. When there’s an infrastructure breach that affects consumers, or a utility goes down, or the transit system is disrupted, we all take notice. Yet, despite the headlines and recent legislative impacts, we have a sense that these attacks will never happen to us. But I can tell you — it’s going to get worse. These attacks will continue to happen.
In the recent Equifax breach, over 143 million consumers were impacted when information, ranging from birth dates to Social Security numbers, was compromised. We have focused a lot on the consumer side of this breach, but what about the small, medium and even enterprise business impacts?
When an incident occurs, it’s imperative to contain the breach and get back to standard operations as quickly as possible. To do that, you need to have a baseline. What did “good” look like? Where are the key assets that the business cares about, and were they impacted? What processes or technology failed, allowing the attack?
If your business was impacted by the Equifax breach, my advice to you, given the nature of the attack, would be very similar to what’s been circulated at the consumer level. In addition, at the enterprise level, this attack has reminded us to always keep a few basics top of mind. I would encourage businesses that were impacted to share these tips with their employees and update their corporate policies:
1. Update your passwords regularly, for both personal and corporate devices, networks, etc., and use a complex combination of phrases, characters and symbols.
2. Leverage two-factor authentication. With this protocol, when you log in with an ID and a password, a text or email is also sent to a separate device to validate your identity. Use this, and encourage your employees to use it as well, on both personal and corporate devices.
3. Pay attention. Don’t ignore unexpected bills and collection calls. It’s important to validate that you (or your employees or business entity) haven’t been the victim of identity theft. You should also contact your financial services provider and credit bureau if you stop receiving a statement.
Don’t make it easy on the hackers. To limit risk, segment your networks and know where the crown jewels are kept at all times.
Balance technology, process and people. Educate yourself, educate your employees and have a plan in place. Evaluate the technology you have in your environment. Stay up to date on your patching. Consider having your architecture reviewed to understand where you can optimize your investment further. Many enterprises choose to partner with a cyber security firm to provide insight, support and staff augmentation where required. You don’t know what you don’t know — recognizing that and working with an expert can help you mature your security posture significantly.
Have an incident response plan. It’s not if anymore — it’s when. How are you going to be prepared to detect and then contain the risk? Who do you call? Who does what, when? What’s the priority? These points need to be worked through by building an incident response framework for your organization.
With regular vulnerability and penetration tests, many security flaws can be easily understood and mitigated. Often, organizations skip this critical testing on production sites to reduce business impact and costs. We also recommend phishing tests across your employee base to test and then educate your team about the risks of clicking a link or opening a suspicious attachment.
Develop strong access controls. Build internal policies where you’re required to change your passwords regularly and use two-factor authentication. Cut down access to your crown jewels. Limiting access within your enterprise is pivotal. You always want to know who is accessing what data, when, for how long and, most importantly, why. Being able to control that is important to staying a step ahead, and, ideally, you want to have your entire environment supported with 24x7x365 visibility through Managed Security Services.
We know cyber security isn’t a perfect science, but committing to these basics will go a long way to keeping you cyber safe as a consumer and business. Be aware — and, when in doubt, don’t click that link.