Scroll Top

May Newsletter

May 2023 News

May 2023 Newsletter

Tim Cook Said Recently “In The World of Cybersecurity The Last Thing You Want Is To Have a Target Painted On Your Back”

The Near Inevitability of Cybersecurity Breaches Calls for Greater Focus on Identification, Response and Recovery through Incident Recovery Preparedness

  • According to The Cost of a Data Breach Report 86% of the participants said they had been breached more than once.
  • 79% of Critical Infrastructure Organizations said they had not deployed a Zero Trust Architecture.
  • 19% of breaches occurred due to business partner compromise.
  • 45% of the breaches were cloud based.
  • Average cost of a breached record $164.00
  • Estimated time to identify a breach 200+ days.
  • Source: IBM and Ponemon Group Breach Report

May 2023 News

How to Reduce the Inevitability of a Cybersecurity Breach

  • Document written IT Control cybersecurity policies, procedures, and plans.
  • Perform a Cybersecurity Risk Assessment based on a framework like NIST CSF.
  • Perform a Vulnerability Assessment or Penetration Test to identify vulnerabilities and exploits, patch all systems based on findings and re-test.
  • Provide employee security training and awareness programs with reminders and testing.
  • Adopt a Zero Trust Model to Prevent Unauthorized Access to Data.
  • Protect sensitive data in cloud environments using policy and encryption.
  • Invest in security orchestration, automation and response (SOAR) and EDR, MDR, and XDR to help improve detection and response times.
  • Protect and monitor endpoints and remote employees.

Create and Test incident response plans and teams to increase training and awareness before a breach occurs.

  • Increase IT spend it’s cheaper than a breach
  • Invest in your IT people through advanced training and certifications.
  • Deploy application aware firewalls.
  • Penetration Test custom applications and databases during the development phase.
  • Encrypt Data at rest and in transport.
  • Deploy 2 factor authentication.
  • Filter outgoing and inbound traffic.
  • Perform Audits of Business Associate Agreements for Cybersecurity adherence.
  • Turn off USB Ports.
  • Turn off Data Jack Ports.
  • Secure and Upgrade Data Centers and Wiring Closet Physical Security
  • Perform Red Team exercises to enhance the effectiveness of IR teams by uncovering attack paths and techniques they might miss and identifying gaps in their detection and response capabilities.
  • Test your Cloud Implementation.  Amazon and Microsoft only protect their infrastructure and advise clients to perform testing that they allow.

Vigilance is Key:

Companies realize a lower probability of a breach when they use a cybersecurity risk framework to evaluate their cybersecurity posture.  The reduced attack surface has fewer vulnerabilities resulting in less attack vectors making it more difficult and time consuming for a hacker to perform reconnaissance looking for a Exploit.

1

Related Posts

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.