How To Protect Your Company Using A Cybersecurity Service
How To Protect Your Company Using A Cybersecurity Service
Do you know how a cybersecurity service can protect your company?
There are a lot of tools involved in a well thought out cybersecurity strategy. An antivirus solution is one, but business owners should think of cybersecurity as a layered approach. There’s no one silver bullet solution for ultimate protection that keeps everything else safe. It’s more about the little things that you can do by layering different tools on top of each other.
What Tools Does a Good Cybersecurity Service Use?
In the CopperTree cybersecurity stack, we have about 10 different tools that we use to provide a high level of protection.
There’s much more than antivirus programs. There are a lot of things that go into ensuring that a business is not vulnerable on the cybersecurity front. It really comes down to implementing the proper tools, making sure we’re following the proper cybersecurity best practices, and following good configuration hygiene.
We review our best practices and standards every month. We have documented standards for keeping systems locked down and infrastructure secure. Also, we’re constantly learning. There are new things coming out in cybersecurity constantly, and incorporate those into our best practices.
We see each of our clients every month in part to evaluate their systems against our best practices. We look for risks in infrastructure and anything that should be addressed, updated, or changed.
Securing People and Processes
It’s not just about technology. It’s also about people and processes and making sure that your people are familiar with the risks that are out there. People should understand, for example, when they get a certain email that they shouldn’t click on the link inside. Maybe they should just pass on that one.
There are a lot of different layers. There’s the people layer, there’s the technology layer, and then there’s also the process layer. That’s where we make sure that we’re doing all the proper maintenance, keeping the systems up to date, and properly patching your systems so they are secure.
Why Do Organizations Need Cybersecurity Service?
CopperTree has been hired several times to help clean up after a cybersecurity incident. At that point, unfortunately, there will be some significant impact.
One organization we worked with recently went through a cyberattack at the beginning of the year. Someone got admin access to their system, which was fully compromised by ransomware.
The ransomware encrypted their data and their backups. They weren’t able to get their backups running and they lost about a month’s worth of data. They had to do some manual data entry, and luckily they had paper backups to get their information back, but they lost about a month’s worth of data.
The disruption to their business ended up costing them a lot of money. Their systems were down for days. It took them a lot of time to get back and running. They had to bring in an incident response team and go through a cleanup process. And because they were so reliant on their systems they were unable to serve their clients during that time, and their clients were impacted. Some of them ended up leaving for another organization.
Obviously, that’s a worst-case scenario that every organization wants to avoid.
Are Small Businesses Targets for Cybersecurity Threats?
People sometimes ask what the likelihood is of their business being a target. But it’s not really about the size of a given organization.
Unless you’re a very large company, it’s unlikely that you’ll be specifically targeted. It’s more likely that you’ll get caught up in some kind of an automated attack. It could be ransomware, a phishing email, or something like that. The size of an organization, its complexity, and the value of the data are not necessarily indicators that a business will be targeted, because any organization is susceptible to these types of attacks.
The biggest cybersecurity incidents that we see tend to be email-based. Someone may send an email with a malicious attachment that will compromise your systems. An employee clicks on it, and it infects their system with ransomware.
Phishing emails are another common but less technical tactic. We’ve seen a lot of emails to finance people that appear to be from their CEO, for example, asking them to transfer money to a questionable account.
Educating End-Users to Avoid Attacks
Generally, the more sophisticated the attack, the less likely somebody is to notice it. So we make sure to educate our people so that they know what’s out there and what to look out for.
One common strategy is social engineering, or when somebody pretends to be somebody they’re not to get you to do something. This is represented by phishing types of attacks. Bad actors will send an email to gather information, and then they’ll use that information in their social engineering attack. They may send an email pretending to be the CEO to the finance person for bank account transfers.
In that case, we want people to think critically. Is this a request that could logically come from the CEO, or is this a little strange? And most of the time, when people are alert, they can identify these attacks.
Here’s an example. We worked with a client where an employee in finance got an email that appeared to be from the CEO. And he just walked over to the CEO’s office and said, is this really you? And it wasn’t. Sometimes identifying those things is that easy. The best thing you can do is to educate your people.
Physical Cybersecurity Services
One aspect of security that can be overlooked is physical cybersecurity services. You can have all your systems locked down as tight as can be in the digital realm, but if somebody can walk through your front door and straight into your server room, you still have a significant gap in your security layer.
We start addressing physical concerns by verifying the security of the server rooms. All of the core infrastructure should be safely locked away and behind some kind of access control mechanism.
Part of your vCIO’s job is to make sure that your organization is covered from a cybersecurity perspective. And they’re constantly looking for ways to improve your cybersecurity status. That includes trying new technology that can give you added levels of protection.
In a way, cybersecurity exists on a spectrum. You can always be more secure by making bigger investments into cybersecurity. But there’s a sweet spot for every organization where you’re spending enough to be secure enough and you’re not overspending or limiting how you use technology in your organization.
Adapting to New Threats
Our systems and processes are constantly changing to accommodate new threats. There are new things coming out all the time and we have to stay on top of what’s happening.
Various technical organizations issue news releases with the latest cybersecurity threats, for example, and we’re constantly checking on those. We’re always asking if there is something else we should be doing, or that our clients should be doing within their organizations, to stay on top of things and stay safe.
We also have weekly standards meetings to go over new industry developments. If there’s something that we feel should be incorporated into our best practices, we make it a new standard and that gets rolled out to our clients over a few days or weeks.
Compliance Requirements & Tests
Sometimes our clients will ask us if they should be getting regular penetration tests on their system. Unless you have a regulatory requirement, that isn’t something that we do on a regular basis. That said, we do have some clients that need to meet specific security requirements like ISO 27,001, a SOC 2, or some other compliance requirement.
In those cases, we’ll bring in a third party to do a quarterly or annual penetration test, and do an assessment against those controls. We work with a third party because, even though we do everything required on a day-to-day basis, you can’t check your own work. So we always recommend a third party’s involvement if there is a regulatory requirement.
Insurance as a Cybersecurity Service
If you think your organization has been penetrated or compromised in some way, we’ll bring in the incident response team immediately. If you have cyber-insurance, which is a critical part of security, the insurance company probably has an incident response team. They’ll handle the initial cleanup. They’ll look into what happened, who did it, and what systems were compromised.
They’ll also have a public relations team to handle the PR side of it. If affected users need to be notified about a privacy breach, the insurance company can handle that.
The role of a cybersecurity service in the case of a breach includes coordinating with the incident response team. We give them access to the infrastructure and the tools that they need internally, within the infrastructure, to do that initial cleanup and figure out what happened.
Once the incident is contained, we get involved again to help rebuild the infrastructure and whatever changes need to happen.
Cybersecurity Service Standards
There are several different cybersecurity standards depending on your industry and compliance requirements.
One of the standards is ISO 27001, and another common one is SOC 2. Most organizations won’t put that in place unless they’re required to, either because of their clients or the industry they’re in.
If you need that, implementing those standards requires a lot of non-technical work as well. It requires some involvement from your side, including policies, procedures, and internal changes that need to happen. But we can help with implementation.
Cybersecurity Service Across Industries
CopperTree works across a broad variety of different industries, and it doesn’t really matter what industry you’re in. The technology that supports the companies we work with is all fundamentally similar.
You can walk into a manufacturing company, a law firm, a retail organization, or a construction company, and every one of them will have the same fundamental infrastructure. They have servers, networks, endpoints, backups, email, Wi-Fi, and all of those standards.
The primary difference between organizations is the software that they use. Every business has its own unique applications that work in their organization. Our best practices around security, however, can be applied to any industry and any organization.
CopperTree takes a holistic approach to IT security. We look at where the data lives and how it moves within the system. The approach to securing an on-premise server, for example, is different from securing a cloud server. That said, and you want your information to be secure in every scenario.
Also, if you’re connecting to your system through an unsecured public Wi-Fi network, for example, you need to secure your data against threats that arise from that.
There are a lot of different aspects to look at, but we try to maintain that holistic perspective. We look at all aspects of IT security, whether it’s on-premise, in the cloud, in a SaaS application, on your desktop, or wherever it might be. We make sure we’ve always got you covered.