Is The Cyber Sky Falling?
Every time you look at the news, a company or government agency is being attacked in cyberspace. It could seem to some that the cyber sky is falling. For example, one of the world’s largest meat processing companies, JBS USA, was hit with a cyber-attack causing the shut down all its beef processing plants, affecting almost a quarter of U.S. supplies. This happened right on the heels of the Colonial Pipeline breach which occurred the week prior, causing a major gas pipeline to be shut down for nearly a week, resulting in fuel shortages across the eastern seaboard. These attacks clearly show every sector in the United States economy is at risk.
Mr. Chris Krebs, the former director of the US Cybersecurity and Infrastructure Security Agency (CISA) said, “They went after our gas, and they went after our hot dogs. No one is out of bounds here.” He also goes on, “every company out there needs to improve their security posture, but most importantly their business disruption policies.”
While we do not want to be a Chicken Little, there is plenty of evidence out there to suggest the overall cyber risk to businesses of all sizes dramatically increased. A frightening finding in the Hiscox Cyber Readiness Report 2021 is that one in six (17%) companies of all sizes surveyed, reported the resulting impacts from cyber-attacks “was serious enough to materially threaten the solvency or viability of the company.” Imagine the impact to our economy if they all went out of business! The threat is real, and cybersecurity is a risk factor that all businesses must address.
There are many free guides and checklists available online from the Cybersecurity and Infrastructure Security Agency (CISA) and the Small Business Administration (SBA) to help businesses start or evaluate their cybersecurity programs. Here is our short list of the things every organization can do immediately to start securing their systems and data.
- Install an Anti-Virus Program. Ensure you have an anti-virus program installed, up-to-date and running on your systems.
- Backup Your Data. Employ a backup solution that automatically and continuously backs up critical data and system configurations. Backups should not be on the same system or computer, use external drive/online storage, etc.
- Use Multi-Factor Authentication (MFA). Multi-factor authentication, or MFA, is widely available now and is a great way to help protect your accounts from becoming compromised. Install and use MFA starting with privileged, administrative, and remote access (work from home) users. You need to know who is on your systems.
- Review & Manage Patches & Updates. Immediately check all your systems to ensure they are patched and up to date. Then review how you manage routine patches and updates. Enable automatic updates whenever possible. Replace unsupported operating systems, applications, and hardware.
- Perform a Cyber Assessment. Perform an assessment of your organization’s cybersecurity posture and close the gap with industry best practices recommended by the SBA Cybersecurity – particularly your plan on what to do if you have been breached.
- Seek Assistance. If you or your staff do not have the knowledge or skills, work with IT and Cybersecurity professionals who can assess your organization and help implement cybersecurity best practices.
Cybersecurity is very much like disability/life insurance. Some people can clearly see the value of insuring loved ones and providing a sound future in case of a debilitating illness or death. Others, unfortunately, only recognize and comprehend when they themselves or a friend are impacted. Do not wait, get your cyber house in order now.
Sera-Brynn, a cybersecurity firm, is a FedRAMP 3PAO and PCI-QSA. Founded in 2011 by former members of the U.S. intelligence community, Sera-Brynn partners with some of the world’s most respected and recognized brands to help them secure their infrastructure and meet cybersecurity compliance requirements. Sera-Brynn offers Threat Sweep for immediate threat hunting, CHECKLIGHT® for continuous advanced threat alerting, and CHECKLIGHT®-CLM for continuous advanced threat alerting and centralized log management for the Defense Industrial Base (DIB).
Contact us at 1-757-243-1257 or firstname.lastname@example.org.