February 2024 Volume 6

OPERATIONS & MANAGEMENT

Using Technology to Help Protect Against a Cyberattack By Jim Kerr

In the previous issue of FIA Magazine (November 2023), we talked about how to develop a positive cybersecurity culture so your team can learn to confidently identify and avoid threats. Because up to 90% of cyberattacks stem from human error, it’s important to carefully choose technology tools to help reduce the risk of making a mistake in the first place. There’s no fool-proof technology and no single “perfect” toolset that’s right for every organization. That said, here are some best practices to consider. Evaluate Your Current IT Environment This is the time to be honest about how your IT is functioning now. What works? What’s frustrating? Your network diagram, asset inventory, security assessments and software summary will come in handy during this review. In addition, consider these questions to help you understand where there are vulnerabilities that technology could help protect: • What data do you have? Who has access to it? How does it flow? • What hardware and software do you use? • Are you using current software versions? Are your systems regularly patched? • What are the internal and external vulnerabilities and risks to your IT assets? • If you had to completely shut down the network for a week to remediate, how would you operate your business? • After a compromise, what critical processes need to be restored first? What services need to remain operational no matter what? Are those services part of your backup process? Answers to these questions and others will help determine the tools you need to help protect your current environment and position yourself for successful recovery if needed. Identify and Prioritize Technology Gaps Think about which tools you’re currently using and where you could beef up your approach. Identify any gaps you find based on internal company goals, best practice IT standards, requirements from your customers, competitive advantage, cyber liability insurance providers, or regulators. From there, prioritize any needed improvements and fix the most critical gaps as soon as you can. Since one improvement often builds on another, plan to work in stages. Consider the process a journey of incremental changes to continuously close gaps and respond as new threats appear.

Explore Technology Options We’re all familiar with tools like anti-virus applications and spam filters. Using current versions of your application software and patching them regularly are also routine practices. Continue to maintain these services. Other effective tools to help respond to cyber threats include: Multi-factor Authentication (MFA) – Also called Two-Factor Authentication (2FA), this requires an additional security validation beyond a username and password. It can be a code sent to your phone or an app that provides a code on demand. If you have a choice, use an app on your phone such as Microsoft Authenticator for an extra security edge over receiving a text. Password Managers – We still see password lists in Excel sheets or Word docs (those are not secure ways to store passwords). The average person has 100 passwords or more, and a secure password manager is an easy way to keep track of them all. Each user only needs to remember one master password to open their “password vault”. Some password managers also include a feature that allows the company to access individual users' vaults in case of an emergency or resignation. Encryption – Encryption can be a roadblock for cybercriminals by simply making your data more difficult to access. Use encryption on all machines and for sensitive emails. Always use encrypted email if you must transmit sensitive data. Reliable, Quickly Recoverable Backup – Everyone has a backup, right? If you’re still using physical backup media (such as external hard drives), consider a more robust solution to help speed up and smooth the recovery process after an attack. Backup as a service that includes both onsite and cloud replication can get you up and running faster. Even if you save all your files to the server, there’s still more on your local computer than you may realize. So, remember to backup individual workstations. Be sure to back up your cloud services too, including Microsoft 365 email, OneDrive, and SharePoint. Application Allowlisting – This tool is part of a zero-trust approach, which assumes that everything – people, applications, and devices — poses a risk to your network. This means every person, application, and device must be authenticated and authorized each time they request access. By insisting on verification and authentication at every step, zero trust makes it difficult for a hacker to gain access through a compromised user account or device.

FIA MAGAZINE | FEBRUARY 2024 54