6 Best Practices for Cyber Security in 2017


Every organization strives to have the best cyber security possible, but with the number of data breaches from insiders in the headlines today, keeping up to date with new security practices is crucial. It can also be time-consuming. So, assuming you have the basics down (encrypting data, firewalls, etc.), the best practices outlined below for 2017 are items you may not have previously considered, but definitely should. Check out this list of best practices for cyber security as you consider your insider threat planning this year:

1. Identify and Protect Your Unstructured Data

Unstructured data contains insights and business information that can be very valuable to an outside party. Because it is, by nature, unstructured, identifying this data can be tricky. Once identified, it is important that it is stored in a specific location, because information is so easily transported these days that it can turn up in unforeseen (often vulnerable) places. Make sure this precious data is always locked down and not accessible to malicious outsiders.

2. Review Access Control Policies

Do you know who has access to your most valuable data and assets? It is important to be careful about who can gain entry to your secured data. A recent study revealed that only one-third of companies know how many vendors access their systems! Ideally, you’ll create specific access controls for all your users (including vendors and contractors) so you can limit their entry to only the systems they need for their day-to-day tasks. This will limit the exposure of your sensitive data and keep you apprised of specific user activities (who is doing what, when and where).

3. Beware of Social Engineering

All the technical IT security you implement can’t take the place of good judgment or account for innocent mistakes. Social engineering tactics have been used successfully for decades to gain login information and access to encrypted files. Even so, no one is exempt. The FBI suffered a social engineering attack last year which leaked identifying information on 20,000 FBI agents. Attempts like this one may come by phone, email or other communication with your users. The best defense is to educate and train your users, which brings us to our next point…

4. Educate and Train Your Users

No matter how skilled they are, your users will always be the weakest link when it comes to securing your most valuable information. But the good news is that security teams can limit this risk through regular training and education pertinent to the organization’s cyber security policies. This training should cover how to recognize a phishing email or a vishing scam, how to create heavy-duty passwords, how to avoid dangerous applications, how to take information out of the company in a secure fashion, and other germane user security risks.

5. User Behavior Monitoring

Trust but verify. While competent, trained users can be the front line in cybersecurity, technology is still the best line of defense. Insider threat monitoring and analytics allow you to monitor users (even as anonymous entities) to verify that their activities meet the organization’s security standards. If a malicious outsider gains access to their log-in information—or if an insider chooses to take advantage of their system access—you will be immediately notified of the suspicious activity and can take the steps necessary to rectify the situation. Monitoring can also help you address gaps in compliance.

6. Review New Compliance Requirements

Regulations like HIPAA, PCI, SOX, DSS, EU GDPR, NISPOM, and ISO offer standards for how your business should conduct its security. It’s always important to keep up-to-date on the latest requirements and keep your technology current. Although preparing audit logs can seem like a hassle, compliance can help guide your business to cybersecurity success!

We hope this list of 6 best cybersecurity practices helps as you consider your priorities for this year. Download this free eBook Insider Threat Program: Your 90-Day Plan to learn more about building your insider threat program. And if you’re ready to include these best practices as part of your program, start by requesting a demo or download a free trial of ObserveIT today.

About ObserveIT
ObserveIT is a user monitoring and investigation solution that identifies and eliminates insider threats. It continuously monitors user behavior and alerts IT and Security teams about activities that put their organizations at risk. ObserveIT provides comprehensive visibility into what all users are doing, while meeting compliance standards and reducing investigation time from days or hours to minutes.