Five Best Practices for an Incident Response Plan
Use these five best practices to create or update an IT security incident response plan.
Be Cyber Smart for Cybersecurity Awareness Month
Be Cyber Smart for Cybersecurity Awareness Month
From Adopt-a-Shelter-Dog Month to National Pizza Month, October is a busy time for national observances. One to pay special attention to this October is Cybersecurity Awareness Month -- sponsored by the Cybersecurity and Infrastructure Security Agency and the National Cyber Security Alliance (NCSA).
Now in its 18th year, the annual campaign focuses on raising awareness about the importance of cybersecurity through a variety of events and resources. But is it necessary to designate a whole month to cybersecurity awareness?
With cyber incidences on the rise and the costs of the events growing exponentially, the answer is yes. In 2020, malware increased by 358% overall and ransomware increased by 435% as compared with 2019. The estimated cost of ransomware was $20 billion, up from $11.5 billion in 2019 and $8 billion in 2018, and the average ransomware payout has grown to nearly $234,000 per event.
In addition, the 2020 World Economic Forum’s Global Risks Report listed cyberattacks on critical infrastructure (CI) as a top concern. As the Colonial Pipeline and Solar Winds cyber-attacks demonstrated, the threats are real and the impact significant.
Do Your Part. Be Cyber Smart.
Each October features a different theme that addresses specific cybersecurity challenges and actions to overcome them. The theme for October 2021 is “Do Your Part. #BeCyberSmart.”
Each week throughout the month, the campaign will focus promotions and outreach in the following areas:
- Week of October 4: Be Cyber Smart - highlights IT security best practices and general cyber hygiene to keep your information safe.
- Week of October 11: Fight the Phish – stresses the importance of being wary of emails, text messages or chat boxes that come from a stranger or someone you weren’t expecting.
- Week of October 18: Explore. Experience. Share – highlights Cybersecurity Career Awareness Week, and promotes the exploration of cybersecurity careers.
- Week of October 25: Cybersecurity First – focuses on individuals, organizations, and government entities all making cybersecurity – and IT security, in general – a priority.
Cyber Security Best Practices
Cybersecurity Awareness Month is a great way to reinforce the importance of cybersecurity. It should also serve as a reminder that cybersecurity must be top of mind 24/7365 and integrated into our daily lives, as well as into business and government operations. You’ll find plenty of resources online, in addition to those associated with Cyber Security Awareness Month, that cover cybersecurity best practices and recommendations.
Here are few specific actions ─ with links to services and information from US Signal ─ that you can take to increase your organization’s overall IT security posture:
- Implement a vulnerability management program that not only includes vulnerability scans but also analysis of the scan results with recommended, prioritized actions to help address the most serious issues while making optimal use of resources.
- Employ a multi-layer, defense-in-depth strategy that provides protection at the perimeter, application, endpoint, and physical security layer. If one mechanism fails, another is available to thwart an attack.
- Strengthen endpoint protection with a proactive Endpoint Detection and Response solution. It should incorporate continuous monitoring and advanced technologies such as machine learning to protect against, detect and quickly respond to ever-changing and increasingly complex threats.
- Create a comprehensive patch management program that ensures you have the latest patches available, prioritizes them by importance, and applies them – manually or automatically -- in a timely manner.
- Develop, continuously review and refine your IT security policies and procedures, including those specific to cybersecurity, to ensure they meet your organization’s business objectives, fit within its culture and address current and emerging threats.
Free Resources from US Signal
For more information on avoiding and/or dealing with cyber threats:
US Signal blog posts on IT security
US Signal IT security-focused resources
Or let US Signal’s solution architects help you devise and implement an IT security strategy to help mitigate cyber threats. Call 866.2. SIGNAL or email [email protected].
Related Blog Posts
Expand from Network Security to Cloud Security
Learn how to expand from on-prem network security to cloud security with these best practices and resources.
Safer Internet Day Starts with Strong IT Security
Safer Internet Day offers a reminder of steps your organization can take to enhance its IT security and combat DDoS attacks and other forms of cybercrime.