As we all get ready for the holiday season, cybercriminals are also gearing up for a special time. Holidays can be an ideal time for hackers, as many organizations have reduced IT staff – or even no security team on premises – making it easier to execute attacks without being noticed. This environment can be open season for ransomware, which in recent months has seen an uptick in Canada; Ryuk, for example, recently hit three Ontario hospitals and healthcare facilities in Alabama and Australia.
So, how can your organization rest easy over the holidays?
How prepared are you for cyberattacks?Before you get ready to ring in the holiday season, you’ll want to test your security posture. Here are three ways to do so:
- Risk Assessments: Risk assessments can be performed on any application, function or process in your organization. You’ll want to take this opportunity to identify threats, determine risk levels and impact, analyze your environment and determine the likelihood and severity of any risk to your business.
- Vulnerability Assessments: A vulnerability assessment identifies, classifies and ranks the vulnerabilities in systems, applications and network infrastructure to provide your organization with the necessary knowledge, awareness and risk background to understand the threats to your environment. Work with a trusted solution provider to make sure your security technologies are properly implemented and integrated to effectively guard against all threats.
- Penetration Testing: Penetration testing provides an organization with a view of what it’s like to be targeted by hackers, showcases how the attack is performed and offers takeaways to prevent it from happening “for real.” To avoid costly cyberattacks, consider engaging a security partner to conduct a penetration test against your infrastructure.
How robust are your security alerts?Not only do you need to prepare your systems for a cyberattack, but you’ll want to make sure, if an attack does occur, that you are getting the alerts that you need. Evaluate your security software to ensure you receive the proper alerts, and make sure you are confident with your triage process if an alert does occur. It’s especially important to avoid alert fatigue and not ignore alerts during high-risk periods…such as the holiday season. You will need to increase your thresholds for alerting so that someone can keep an eye on those.
Have you considered fully or partially managed services?Arguably, the best way for you to enjoy the holidays, knowing that your systems are secure, is to have someone else look after them. By engaging a managed services provider, you’ll have a dedicated team of security analysts in a Security Operations Centre (SOC) who watch your logs and alerts, and either report or take action on critical events. For smaller businesses, or those without an SOC, partially managed services could be a great option, especially during high-risk, low-activity times such as long weekends.
Here are some additional tips on preparing your organization for the holiday season:
- Have good incident response, business continuity and disaster recovery plans in place and make sure to have them tested.
- Consider having an incident response retainer, so that if a breach does occur you are prepared to respond quickly.
- Security awareness training can educate staff about social engineering and phishing attacks, which will likely increase before the holidays.
- Consider restricting admin functions during these high-risk windows and utilize multifactor authentication (MFA) on all admin accounts.
Daniel Reio is the Director, Product & Partner Management for CDW Canada.