Analecta Cyber Company Blog: Analecta’s “The Twelve Days of Cybersecurity”

2018-12-18

Analecta’s “The Twelve Days of Cybersecurity”

Analecta Cyber Twelve days of Cybersecurity - Christmas socks hanging Analecta's twelve days of cybersecurity banner With the holidays fast approaching, it is understandable that some people may be more focused on travel plans and gift purchases than keeping their organizations secure from cyber threats. This version of a holiday classic will keep you in a festive spirit while reminding you about specific cyber concerns, and how to prevent cyber threats to your company.

12 Days of Cybersecurity


Networking during the holidays
On the first day of Cybersecurity, my Chief Information Security Officer (CISO) gave to me: a virtual private network (VPN) for working remotely. The holidays are a perfect time to work remotely, and a VPN helps protect your company’s data by creating a safe and encrypted connection between your computer or laptop and your work network. VPNs are very affordable and should always be used when connected to untrusted networks, like WiFi hotspots at airports or hotels.

Recycle, reuse, refresh
On the second day of Cybersecurity, my CISO gave to me: cybersecurity refresher training. The holidays can be extra busy for your business. Take the time to remind your employees of important security practices.

Cold and flu season
On the third day of Cybersecurity, my CISO gave to me: fully updated antivirus software. Antivirus protection is essential any time of the year. Your employees may take the time to shop online for holiday gifts during their lunch breaks. Malicious actors like to mimic actual shopping websites and redirect traffic to sites with malware. Check out our article on using a centralized AV management system.


Encryption is like wrapping paper
On the fourth day of Cybersecurity, my CISO gave to me: enterprise-wide full disk encryption. Regardless if you plan to remain open over the holidays or shut down operations completely, using full disk encryption to protect your data-at-rest will give you peace of mind.

Better than the elves
On the fifth day of Cybersecurity, my CISO gave to me: an on-call incident response team. You can build your team with internal employees, external contractors or a blend of both, but with an uptick in overall cyber activity over the holidays, it pays to be prepared with your incident response plan

Extra servings
On the sixth day of Cybersecurity, my CISO gave to me: three extra servers to keep up with increased holiday traffic. Most businesses expect an increase in sales starting in November and continuing through the end of the year. If your equipment cannot handle the extra volume, you will experience downtime and lost revenue! Stay ahead of the rush, know your expected network volume and adjust to meet changing needs. 

Keep the peripherals at home
On the seventh day of Cybersecurity, my CISO gave to me: disabled Bluetooth and USB ports. It might be more festive to jam out to seasonal tunes on Bluetooth speakers or to plug in the latest USB-enabled gift you got in your stocking, but both are potential threats to your network. Keep those removable devices restricted from accessing your network.

Whoa- backup…
On the eighth day of Cybersecurity, my CISO gave to me: complete storage drive backups. There are few things more comforting and cozy than sitting by the fire, wrapped in a blanket and sipping a hot toddy. Backups are one of those comfort things! Don’t just schedule backups. Take the time to make sure they are performed and saved regularly.

Analecta Cyber Twelve days of Cybersecurity - Christmas socks hanging

You've got mail! Ixnay the hotlink please
On the ninth day of Cybersecurity, my CISO gave to me: disabled hyperlinks in email. Phishing attempts are often more successful during the holidays due to well-crafted lures. There are a variety of ways to disable HTML hyperlinks in email clients and from the server. Reach out to us if this is something you need more help with!

Patches isn’t just a puppy
On the tenth day of Cybersecurity, my CISO gave to me: identified and patched vulnerabilities. Perform checks for software updates prior to closing down for the holidays, especially if your systems are intended to stay up and running during a shutdown. Do another update check and patch immediately upon returning in case there were vulnerabilities found over the holidays.

Change your P@ssw0rd123 now
On the eleventh day of Cybersecurity, my CISO gave to me: a mandatory password change policy. This is a good policy to enforce year-round, but it could be especially helpful around the holidays. Users often forget passwords over long breaks, use the same passwords for multiple accounts and display other poor password habits.  Help them start the year fresh with a new password!

No-no on the VACA hooray
On the twelfth day of Cybersecurity, my CISO gave to me: the restraint to not post vacation plans on social media. Social media is great for a lot of things, but cyber actors are well versed at using information on social media to craft effective phishing emails. A simple post stating that you will be flying to the Bahamas for the end of 2018 may give a hacker the idea to create a phishing email pretending to be from your airline claiming to have a problem with your travel plans.

This cybersecurity checklist is pulled from the NIST Cybersecurity Framework. For more information on cyber best practices, visit the Analecta NIST Cybersecurity Framework Blog Series.

Analecta Cyber wishes you and yours a safe and “cybersecure” holiday season!

Analecta Cyber is a Maryland-based cybersecurity firm providing cyber risk assessments for small and medium sized businesses. Analecta is a trusted partner to help companies achieve their cybersecurity objectives. Email us at info@analecta-llc.com or visit our Cybersecurity website. 
Analecta Cyber - Managed Security Services

No comments :

Post a Comment