Security Checklist: Preparing for a Cyber Attack
News | 3 Oct 2013
Steps you should take when protecting your organization from a cyber attack, as identified by Bill Wheeler, global director of security and compliance practice at Zensar.
Dedicate budget
When budgets are tight, money is funneled toward the revenue-generating parts of the business, and security is placed on the back burner. Smaller organizations especially do not think they will be attacked and do not understand the value of security. They also often lack knowledgeable staff, training and resources. It is necessary for organizations of all sizes to dedicate sufficient resources to training and hiring IT staff, or to outsource their security needs to a third-party provider.
Assess your risks
It is important for organizations to have a clear view into the risks facing them. Some organizations might want to consider partnering with a consultant that can perform an audit and assess their risk profile. Then, the organization can put a plan in place to protect itself.
Take action
Once you have identified the threats facing your organization, put the right technology and best practices in place to prevent them: put up firewalls, upgrade code and don’t forget about PCI certification. PCI is evolving and requirements will probably become stricter in the future. PCI certification can mitigate the risks to systems that store or transmit credit card data. Several low-cost best-practice solutions can help you to substantially mitigate long-term data loss and exposure. These include:
- Staff training
- Virus/malware updates
- System patching
- Open source detection tools: IDS/IPS
- File integrity monitors
- Application penetration testing
- Source code review
- Incident response planning and training
Be proactive
The threats to the organization are constantly evolving, and the security team needs frequent training to stay up-to-date on the latest risks. Financially driven attacks have become a huge issue recently, as have new phishing attacks, viruses, worms and Trojans. For example, Downloader.MDW, better known as Dialer.XD, forces affected computers to generate a large amount of network traffic, with the consequent consumption of bandwidth. It carries out actions that decrease the security level of the computer and uses anti-monitoring techniques to prevent it from being detected by antivirus companies. It also spreads across the Internet by being downloaded by other malware. In addition, Linux.Apaback is a Trojan horse that modifies network traffic and opens a back door on the compromised computer. Although this Trojan is considered low risk, as it is easily mitigated and removed, an unsuspecting organization caught off guard can be entirely compromised by allowing such a threat to exist.
Stay informed
To stay informed, IT staff should participate in security-focused events, subscribe to mailing lists, and talk to their peers. Organizations should ensure that they have the latest patch versions. They should constantly scan for threats and plug vulnerabilities in a timely manner. Beyond the IT department, basic security training is important for all staff. For example, all employees should understand password requirements and complexities.
Conclusion
In the security business, the good guys need to be prepared 100 percent of the time, and the bad guys only need to be right once in order to cause major damage. By following this checklist, you can help ensure that your business is prepared.