Cyber Security Resolutions For The New Year
A new year brings new year’s resolutions. Maybe we try to eat a little healthier and hit the gym a little more often. Our team of hackers and cyber security engineers suggests you try something a bit different this year - make a resolution to improve your organization’s cyber security.
In this post, we’ll talk about a few initiatives that drastically improve security and lower your risk of cyber attacks.
Boost The Security Of Your Productivity Suite
Most organizations rely heavily on their productivity suites - tools like Microsoft 365 and Google Workspace for their day-to-day operations. They help us centralize our work, collaborate with colleagues, and generally make our lives easier.
With all of those benefits comes a trade-off: your productivity suite is a very interesting target for attackers due to the sensitive nature of the data stored inside and its potential to be used as a platform to conduct additional attacks on your clients and partners.
Unfortunately, most of the productivity suites out there aren’t configured in a way that’s secure by default. The good news is that it’s possible to fix this. There are tons of configuration changes you can make in both Microsoft 365 and Google Workspace to reduce the risk of an attacker gaining access to your data. One example is to mandate multi-factor authentication (MFA) so that all users are required to use an additional factor to log in. This is one of the single best things you can do to make your organization more resistant to attacks.
Be sure to fully research any changes you make beforehand so you understand the potential impact to your business. Alternatively, find a good security partner to help you minimize the chance of business interruption while implementing security improvements.
Also consider verifying that email security capabilities like SPF, DMARC, and DKIM are properly configured. These capabilities help to protect your organization from attack and have the added benefit of significantly improving the delivery rate of your email outreach efforts.
Give Staff The Knowledge To Defeat Attacks
Well-trained employees significantly reduce a company’s risk because they are empowered to identify would-be attacks and take action to prevent them. But being well-trained doesn’t mean you have to slog through a long day of dry, boring cybersecurity training.
It’s better to mix up the delivery methods to keep your employees engaged. Consider including some of the following strategies in your cyber security training efforts:
A knowledge gap assessment for all staff to help prioritize which training courses they are assigned.
Bite-sized, engaging, and fun courses that are assigned to employees once a month or so.
Quarterly phishing simulations to evaluate the staff’s susceptibility to human-targeted attacks. Any users that fall victim to the simulated attacks should get immediate follow-on training to help them do better next time.
A lunch & learn session to fill in staff on the organization’s security efforts and provide a forum for staff to ask security-related questions.
In addition to increasing retention of the content for your employees, these measures can help to build a culture of security at your organization - making your people a force multiplier in your cyber security, rather than another liability.
Develop A Cyber Security Strategy
One of the first projects we do with new customers is to establish a cyber security strategy. In this project, we meet with stakeholders from across an organization as well as their third parties to understand the current business, operations, technology, people, processes, and security capabilities.
The result of these workshops is a cyber security improvement roadmap, designed to provide a prioritized, evidence-based, and strategic plan that your organization can use to plan security improvements over the coming months and years.
We also support our customers in implementing the items in the roadmap. In doing so, we’ve noticed interesting trends among the customers that have a strategy in hand before investing more in cyber security. Customers that have roadmaps are able to:
Reduce the long-term cost of cyber security improvement efforts
Contribute to an increase in organizational buy-in, from top to bottom
Elevate the success rates of security initiatives to increase organizational resiliency against attacks
Support their organization as it grows by assisting planning activities associated with IT and security
Quickly and easily demonstrate their cyber security capabilities to third parties like customers, prospects, beneficiaries, and donors