7 Ingredients for Good Cybersecurity

It used to be that IT services providers would sell you an expensive firewall, install the “best” antivirus, do some kind of patch management, and call you secure.

Covid changed all that.

A hasty transition to remote work opened up a wave of vulnerabilities that allowed hackers to seize the moment, and seize they did!

Global Ransomware Damage Costs. Bar graph shows costs rise dramatically in 2021 from 2019. Source: Cybersecurity Ventures

Source: https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-20-billion-usd-by-2021/

“Ransomware still uses social engineering as its main infection vector.”
                                                 – KnowBe4’s Sjouwerman

The fact is that antivirus software have become very good. Even the free antivirus baked into Windows is well regarded by industry analysts:

https://www.makeuseof.com/microsoft-defender-avtest-report/

If hackers can’t beat the antivirus that comes free with your computer, how are companies still getting hacked? 

We’ve had more than one client ask us how hackers were able to steal money from their bank account, only to find that someone in accounting wired the money. It usually involves an urgent email that appears to be from the CEO, telling them to immediately wire $20k for an important deadline. Yes, people fall for these scams.

Fortunately, there are training programs from well-regarded outfits, like KnowBe4, that can help. We schedule monthly tests to see if anyone clicks on a test scam email, and KnowBe4 automatically assigns appropriate training as needed.

It only takes one mistake for a hacker to gain a foothold in your network 

Let’s assume you have a good cyber security training program, and everyone is vigilant about spotting scams. That’s a great start. But it only takes one mistake for a hacker to gain a foothold in your network. So, what else can be done?

We believe there are 7 essential ingredients for good cybersecurity:

  1. Cybersecurity training (KnowBe4)
  2. MFA
  3. Restricting admin privilege
  4. Patching
  5. Suspicious behavior detection
  6. Backups
  7. Cybersecurity insurance

MFA:  The most BASIC and ESSENTIAL protection

Sorry for the obnoxious emphasis, but I can’t tell you how many people still push back on MFA (multi-factor authentication). We’re talking about a free app on your phone that requires you to verify your login. Microsoft states that you can prevent 99.9% of attacks based on stolen passwords with MFA. 

MFA Cybersecurity Microsoft Blog Source
https://www.microsoft.com/security/blog/2019/08/20/one-simple-action-you-can-take-to-prevent-99-9-percent-of-account-attacks/

Most of the pushback comes from the fact that MFA requires a use of a personal device. I have a question for you. If you’re not willing to install a free app that blocks 99.9% of attacks when you get your password stolen, are you an asset to your company or a liability?

Restricting Administrative Privileges

Another essential cybersecurity requirement is restricting administrative privileges. Simply put, we block users from installing any programs until they check with us. Sometimes a client might feel that it’s too cumbersome to call us each time they need to install a new program. However, if a hacker gains access to a computer through a malicious email attachment or a link, the damage done is limited if the user account doesn’t have admin privileges.

One of the first thing that a hacker does inside your network is to sniff around for unpatched computers. Once they gather up a list of vulnerable computers in your network, hackers literally go shopping for exploit kits tailor made to rob you shirtless. 

Patching

Most software has automatic update built-in, but updates are all too easily put off by clicking “postpone”, “not now”, “maybe later”, “don’t call me, I’ll call you”. 

Let your computer update. Reboot. 

Reboot a day keeps the hacker away (and solves half your help desk issues, too!)

Suspicious behavior detection

Remember how the hacker starts their day by scanning your network for vulnerabilities? The introduction of EDR systems like Huntress (https://www.huntress.com) adds a whole new level of protection by detecting suspicious behavior which may indicate hacker activity. 

Since vulnerability scan isn’t in a normal office worker’s job description, EDR automatically quarantines computers when such suspicious behavior is detected. In essence, the hacker gets busted for snooping around.

Backups

Your best protection against ransomware at the end of the day is a good backup. After all, there is no need to pay a ransom if the stolen data can be restored. Talk to your IT professional for proper backup strategy.

Last line of defense

An important protection we ask our clients to obtain is cybersecurity insurance. Cybersecurity insurance pays the cost associated with recovery from a ransomware attack. With it, we have the option to bring in the big guns if you find yourself in truly deep waters.

We partner with FRSecure (https://frsecure.com) who specialize in incident response in the event of a breach. As a retained customer, you will receive a 2-hour response to bring you back to safety, along with an after-action report on how you were breached. Because service like this isn’t cheap ($400/hr), we work with your cybersecurity insurance so they pick up the bill, not you.

Conclusion

Much of what constitutes good cybersecurity requires user training and restricted privileges. This often requires a cultural shift and change isn’t easy. Sometimes we need you as the business owner to step in with a firm hand. It is also important to remind users that we’re not here to get them in trouble or make their jobs more difficult, although it can feel that way sometimes. If we don’t protect your data, you won’t have a job to show up to.

Last Post: Convergence of IT & Programming

Shipping DepartmentShipping Department
22:28 04 May 23
Patrick OzierPatrick Ozier
22:32 07 Apr 23
Habazatchery DuftonHabazatchery Dufton
23:56 10 Feb 22
Eddie De La RosaEddie De La Rosa
15:30 09 Feb 22
Remote IT Services in my previous work experiences has always felt a bit disconnected and i even felt reluctant to ask for help at times.The guys at Relion are the best, we've gotten to know them well and all have been onsite when ever needed, even for something as little as setting up a new PC.Big or small Relion will treat you like you are client #1
Jorge SanchezJorge Sanchez
15:06 05 Feb 22
great customer service, very fast response. Always taking care of their customers.Thank you Relion Team
Stephen LealStephen Leal
19:17 02 Feb 22
Relion exceeds all of my expectations. Their team is super responsive when any issue should arise, and troubleshoots problems with lighting speed while always maintaining a high level of customer service and great clear communication. Thank you for continued excellence!
Henry WongHenry Wong
16:42 26 Jan 22
Customer service was excellent! A great team with broad knowledgeable in IT.
Mike WhiteheadMike Whitehead
17:06 18 Jan 22
Brian and the Relion's IT Crew are rated as number one in my view.The support team is excellent and very responsive to my needs. I highly recommend Relion for any size organization!
Jeanine BJeanine B
18:15 14 Jan 22
I absolutely Love working with the guys from Relion! Every person on the team is very kind, respectful and knowledgeable. I feel secure with Relion supporting and securing our internal and external communications as we are navigating various forms of technology each day while working remote, onsite or some hybrid version of either. They are the best IT team I have ever worked with!!
Wayne Lee (LEWAYHUN)Wayne Lee (LEWAYHUN)
00:20 13 Jan 22
Relion is our outsourced IT, although often times they feel more in-house:)
Alejandra AguilarAlejandra Aguilar
00:40 12 Jan 22
Always will go above and beyond
Lainy AbudayyehLainy Abudayyeh
00:00 31 Aug 17
The above and beyond service Relion provides is definitely unmatched. We've had technical difficulties anywhere from 5am to 10pm and we've always been able to get a hold of someone. I cannot even tell you the last time we have been down or offline. I am sure almost all companies can agree, losing all or any data would be catastrophic so there is always a comfort in knowing ours is in good hands.
Sung Kim, DPTSung Kim, DPT
17:43 28 Jul 17
Brian and his team stand head and shoulders above the rest. Their instantaneous response time is a life-saver. They're fast, they're efficient, and most importantly, they're honest. They don't try to up-sell you on this or that, like other companies we contacted. Give them a try. You won't regret it.
AnthonyAnthony
23:56 20 Jul 17
Quick response and really helpful. This group is awesome. I've needed them late at night when system was down and they had me up and going in no time. Customer service is excellent.
js_loader

BUSINESS

STARTING AT $1,000 PER MONTH

NON-PROFIT

STARTING AT $750 PER MONTH

Get a free consultation

Scroll to Top