Solid business practices best defense against cybersecurity challenges
posted by Ben Hayden on Thursday, February 20, 2020 in SHAZAM Blog
Industry sources have reported that a North Korean hacking campaign is targeting financial institutions, among other private-sector industries. More than 99 percent of cyberattacks rely on human interaction to work — making individual users the best line of defense.
SHAZAM has tapped into industry security groups to understand how best to prepare for these ongoing assaults, and the good news is all their recommendations are likely already part of your current cybersecurity efforts.
HOW TO PREPARE
The most effective way to guard your organization against cyberattacks is by doing things you’ve likely been doing all along. Bad actors still need access into systems in order to do their damage. Protecting your systems with solid business practices, including some basics, will go a long way.
- Ensure your staff is trained in spotting phishing emails. Never trust an email that comes from an email address that you don’t recognize. If the email seems legitimate, take the time to look at the content. Does the content and context of the request seem unusual? Look for ways to verify the sender’s request using other resources, such as an internet search. Use a source besides the email to verify point-of-care information and confirm the request with that communication method.
- Apply patches to your systems and software in a timely manner.
- Consider IP geo-blocking for known cyber-attack originating locations.
- Ensure frequent review of your cyber incident response plan with members of your response team.
- Ensure password complexity, rotation and reuse policies are known and followed by staff.
- Share this information with others in your organization who may need to know.
Review the SHAZAM Blog Protecting yourself from phishing, smishing and vishing, posted October 2018.
About the Author
Ben Hayden utilizes his expertise in cyber investigations, financial crimes and digital forensics to assist financial institutions in evaluating their cybersecurity vulnerabilities. He manages SHAZAM’s risk management services, helping member institutions mitigate their risks in information
... read entire bio
SHAZAM, Inc. and ITS, Inc. provide this blog for general informational purposes only. Our blog may be shared by a direct link wherein the content remains as originally presented and has not been altered. SHAZAM, Inc. and ITS, Inc. assume no responsibility for errors or omissions in the contents on the blog. By using this blog, reader agrees that the information published does not constitute nor is a substitute for legal advice which should only be sought from a qualified, licensed attorney.
comments powered by