Need to plug cybersecurity gaps? Don’t forget the fundamentals

Cybersecurity is a constant work in progress. Like technology, security threats, gaps and solutions evolve. So, what does this mean for businesses and what can you do? First, look at cybersecurity as a series of investments that need to be maintained. Like any investment, one should not put all of one’s eggs into one basket. Instead, spread it out and have multiple lines of defence to prevent, detect and respond to security breaches. Don’t let one falling domino trigger the complete collapse of your entire cyber defence.

Second, and this is something we always remind our clients, don’t neglect the fundamentals! In our last post, we identified three common cybersecurity gaps we observe. These gaps can be addressed with four simple but important actions.

  1. Password management: Leaving user logins and passwords open and in one place is like giving a thief the keys to your house. Have and enforce guidelines around password complexity and rotation. There are several enterprise software solutions on the market that can assist both IT teams and employees with password management.
  2. Endpoint hardening: Cybercriminals can gain access to your network via mobile devices and laptops. The goal therefore is to harden these endpoints so that it is more difficult for criminals to get in and access data on your network. Endpoint hardening solutions include anti-virus, anti-spyware and anti-malware software, multi-factor authentication, VPNs and endpoint detection and response (EDR) solutions. The solutions you deploy will depend on your business and the type of data you need to protect.
  3. Network segregation: The goal of network segregation is to prevent cybercriminals who break into one room in your house from entering other rooms. One way to do this is by restricting user access to different networks and by requiring special authorisations to access sensitive information. There are different ways to segregate one’s network, including the use of firewalls.
  4. Empower your employees to protect their data: The role of employees is often overlooked and it is becoming clear that cybersecurity is no longer the sole purview of IT teams. Educate employees about potential cyber threats and train them to recognise suspicious activity. But education is not enough; what we’ve observed is that employees should also be equipped with tools to respond and stop cyber crime.

Stay tuned for more information on the role of employees in a company’s cyber defence.

The Connected Shield team

