Topics In Demand
Notification
New

No notification found.

Elevate your cybersecurity defences
Elevate your cybersecurity defences

10

0

As organizations become more digitally advanced, cybersecurity programmes become increasingly critical. Over the last three years, the global average cost of a data breach has increased by 15 percent. Of those organizations who experienced a breach, just one-third discovered the attack through their own security teams, highlighting a need for better internal threat detection and a stronger cybersecurity posture.

As a quick refresher for Cybersecurity Awareness Month, take a look at these eight steps to enhance your organization's cybersecurity readiness and safeguarding against potential threats:

  1. Multi-factor authentication: Mandate the use of multi-factor authentication across the organization. Two or three layers of security significantly reduces the risk of unauthorized access, even if login credentials are compromised.
  2. Use approved devices only: Hybrid and remote work models have exacerbated cyberattacks. It’s imperative that organizations ensure employees use only work-approved, secure devices when working remotely. Employees should also have access to an encrypted VPN and avoid public networks, which are highly susceptible to cyberattacks.
  3. Change system passwords: Regularly update system passwords so previously stolen credentials are rendered useless to malicious actors. Additionally, installing a password manager effectively ensures different passwords are used across various accounts. (Read more in Protect your digital identity on World Password Day with stronger credentials.)
  4. Patch and protect: It is the role of cybersecurity professionals to ensure that systems are patched and protected against all known vulnerabilities. Implementing intrusion detection and prevention systems can also actively protect against threats and unauthorized access.
  5. Data backup: Regularly backup data and ensure that these are stored offline or in a secure, isolated environment. Offline backups are inaccessible to malicious actors, reducing the risk of data loss due to ransomware or other attacks.
  6. Practice: Conduct cybersecurity drills and exercises to test the organization's incident response plan. These simulations of various cyberattack scenarios ensure employees become better prepared to respond quickly and effectively to minimize the impact of a real attack.
  7. Encryption: Implement encryption for sensitive data, both in transit and at rest. Encryption ensures that regardless of data being stolen, it remains inaccessible without the encryption keys.
  8. Educate: Teach employees the common tactics used by attackers over email or through websites. Organizations could simulate a phishing email and offer training to those who fail to recognize it as a potential breach. Employees should also feel confident in reporting unusual behaviour on their computers or phones.

Though these recommendations are easy to understand at a surface level, many organizations find fulfilling them a challenge due to system architectures already being designed and implemented. However, building these protocols into business strategies will help mitigate data breaches and the knock-on effects to operations.

 

Mark Brown

Mark Brown, Global Managing Director of BSI Digital Trust Consulting, has more than 20 years of expertise in cybersecurity, data privacy and business resilience consultancy. He has a wealth of knowledge including extensive proficiency on the Internet of Things (IoT) and the expanding cybersecurity marketplace.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


BSI enables people and organizations to perform better. We share knowledge, innovation and best practice to make excellence a habit – all over the world, every day.

© Copyright nasscom. All Rights Reserved.