Earlier in the week, the Cybersecurity and Infrastructure Security Agency (CISA) – the cybersecurity arm of the Department of Homeland Security (DHS) – issued a “Shields Up” advisory to businesses. While the advisory does not mention any specific threat, it lays out several guidelines on how businesses and organizations can keep their computer networks safe from online threats such has phishing attempts and ransomware.
This statement also comes in the heels of Russia’s imminent invasion of Ukraine. The agency believes that bad actors will take advantage of the tumultuous situation in the region and launch cyberattacks against businesses and government agencies in the United States. Past incidents such as the cyberattack on Colonial Pipeline and JBS in 2021 have exposed the vulnerabilities of some of the nation’s key infrastructure and food supply to digital attacks. We now live in an age where cyberspace is now a viable theater of war, and the impacts of cyberattacks are no longer limited to just the victim organizations – but such attacks also carry wider national security implications.
Cybersecurity Key Points
Key points identified in the advisory are cybersecurity best practices that businesses and organizations that work with the government should already be practicing. Additionally, organizations subject to compliance requirements such as NIST and HIPAA are legally required to report the incident to the government. Here are just some of the steps organizations are highly encouraged to follow:
- Ensure all software are up to date and all security updates are downloaded and installed.
- Ports and protocols not used for the operation of business should be disabled to minimize the likelihood of an intrusion.
- Remote workers must use two-factor-authentication when accessing company resources.
- Businesses that do not have an in-house IT security team are highly encouraged get in touch with a cybersecurity company.
- Identify devices and users in the trusted network and remove ones that are no longer needed. Dormant user accounts and devices pose a high risk for network intrusion.
- Keep emails secure and train employees on how to detect scam and phishing attempts.
- Envolve employees in cybercrime prevention. Workers form an essential layer of security. Periodic training on Internet best practices can greatly lower the likelihood of a cybersecurity incident.
Cybersecurity in the Age of Work from Home
The fact that most of the digital workforce continues to work from home throughout the pandemic underscores the importance of having a cybersecurity infrastructure in place. Emails, file downloads, and Wi-Fi connections are all highly attractive attack surfaces for would-be criminals. A study done by Hiscox – an insurance provider – has revealed that $25,000 is the average cost of a cyberattack on a small business. This figure does not factor in other costs such as the loss of reputation and legal liabilities borne out of a cyber incident.
Organizations that currently do not have an incident response plan in place are best advised to have one implemented sooner rather than later. The right response can help minimize the loss of time, revenue, and liability to a business following a network intrusion.
Why Your Small Business Needs Cybersecurity Services
Shoring up your organization’s IT infrastructure can be daunting and overwhelming without the help from the right people. LG Networks, Inc’s suite of cybersecurity services has helped businesses in the Dallas-Fort Worth Area and beyond prepare and improve their organization’s cybersecurity posture and limit their liabilities. Our clients enjoy the peace of mind knowing that their computer networks are monitored by cybersecurity experts 24/7/365. Our cybersecurity packages include up to $1 million in coverage should disaster strike. In this age, no small business is too small to become victim of a cyberattack.
Additional Reading:
by