Organisations are constantly under attack, putting security and IT teams under increasing pressure every day.
According to Mimecast’s State of Email Security Report 2020, 85% of South African organisations experienced a business disruption, financial loss or other setback due to a lack of cyber preparedness last year.
Cybersecurity and IT leaders can mitigate risk and the impact of damaging cyberthreats by incorporating the following best practices.
1. Avoid unknown emails, links and pop-ups:
Prevent malware infections with up-to-date virus scanning, spam detection and robust user training.
2. Use strong password protection and authentication:
Users should create strong, difficult-to-guess passwords and credentials – and change them often.
Multifactor authentication provides an additional token of identification.
3. Always connect to secure Wi-Fi:
It is critical to secure any personal Wi-Fi networks, avoid unsecured public networks and give employees a virtual private network (VPN) so they can securely connect to the business network remotely.
4. Enable firewall protection at work and at home:
Firewalls restrict traffic in, out or within a private home or business network.
5. Invest in security systems and software updates:
Ensure your organisation has security software and automation in place, including installing software updates as soon as they’re available.
6. Limit access to ‘least privilege’:
Maintain tight control over user privileges including employees or connected third parties through privileged access management such as permission governance, active monitoring and limiting temporary permissions.
7. Create a hierarchical cybersecurity policy:
Having an overarching, written and well-communicated cybersecurity policy is non-negotiable for cyber-savvy organisations.
A hierarchical approach allows for the creation of an organisational policy as well as more specific, customised policies for various departments or functions as needed.
8. Back up data:
Regularly backing up critical data is key to defeating ransomware and to business continuity in general. Even smarter: storing the data in a secure cloud archive.
9. Adopt a defence-in-depth security posture:
Organisations need layers of security solutions that work in tandem to protect the number one threat vector – business email – from an array of cyber threats.
10. Practice robust and continuous employee awareness programs:
Most cybersecurity studies have found that human error is responsible for some 90% of all security breaches. That’s why one of the most important best practices is vigorous and ongoing cybersecurity awareness training for all users.
Learn more about securing your organisation this Cybersecurity Awareness Month.