Fending Off a Cyber Attack: The Five-Point Plan

A cyber attack can occur at any point in time and could lead to your company’s demise. That’s why it’s especially important to have a comprehensive IT security framework in place to keep your digital assets locked up and guarded. Your mission-critical data is the heart of your operations – without it, employees can’t carry out their duties and be productive, which means your company can’t thrive.

A good way to kickstart your cyber security plan is with the National Institute of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity. Since releasing the framework last year, NIST has been educating a broad audience – organizations ranging from multinationals to SMBs – about the use and value of a strong IT security framework.

The bottom line of the framework addresses five basic functions: Identify, Protect, Detect, Respond, and Recover.

1. Identify and Prioritize Your Assets

This first step is crucial to carry out. By giving priority to your most valuable assets and identifying which are more vulnerable to a cyber attack, you know which parts of your infrastructure need greater protection. There are two major things to consider when ranking your assets: probability of attack (POA) and consequence of breach (COB). Understanding these key elements will help you begin optimizing your IT security.

2. Protect Your Data

Protection means preventing intruders from breaking in and getting past your front door. By designing and deploying appropriate IT safeguards, your business can deflect cyber criminals from accessing your network. Investing in high-quality backup software and data recovery services helps ensure business continuity and also cushions the impact of a cyber attack.

3. Detect Cyber Criminals

Detection is key when it comes to recognizing potential threats and intruders. By implementing the right IT solutions to identify the occurrence of a cyber attack, you’re able to intensify your IT security framework and prevent the same type of cyber attack from striking again.

4. Respond to Risks

Once someone breaks in, you need to know what steps to take to fight off the attacker. Having a plan that defines how you respond to cyber attacks makes the whole event less scary and more manageable. The response function is highly action-centered and forces you to strategize against intruders. After the breach, you also need to analyze and understand why your protection failed you and how you can optimize your security infrastructure for the future.

5. Recover Your Business

Recovery is essential for your business to get up and running after a cyber attack. By making your IT infrastructure resilient to hackers, you need to implement disaster recovery solutions that save your precious data.

To learn how you can ensure the best business continuity and IT security plan for your company, contact G6 Communications for a free consultation!

5 IT Security Trends to Look Out For in 2016

Cyber-attacks have become an ever-increasing threat to businesses, and IT security is on high alert. In fact, last year kicked off with a series of high-profile data breaches, and the FBI ranked cybercrime as one of its top law enforcement activities. Some of the big companies who got hit in 2015 were: Anthem (as many as 80 million records of customers and employees were exposed), Sony Pictures (several private company documents were compromised and the theatrical release of “The Interview” was cancelled), JPMorgan Chase (the account information of 83 million households and small businesses were stolen), and several others.

IT security is a major issue that should not be taken lightly. Here are five IT security trends to watch for in 2016.

1. Mobile devices are a huge target.

With more consumers integrating smartphones and other mobile devices into their lives, it has become easier for malicious hackers to target these devices for their personal gain. BYOD (bring your own device) and other mobile-related practices are becoming increasingly popular in the workplace. Smartphones also continue to be the preferred source of authentication for many financial transactions. With so much on the line when it comes to what your mobile device stores – credit card information, business-sensitive data, and other confidential materials – it’s easy to see why these devices are a prime target for cybercriminals. That’s why it’s essential for companies to implement secure policies and employee guidelines on safe mobile practices.

2. Hacktivism and terrorist cyber-attacks will gain traction.

As we near the next US Presidential election in the month of November, “hacktivism” will lead to a rise of protest and politically-driven attacks in 2016. And these attacks will be carried out across a wide spectrum, including social media platforms like Facebook, Twitter, and Instagram. Hijackers who are set on spreading false information on the personal accounts of candidates or want to relay information about specific political issues will take storm.

Additionally, the ongoing conflict in the Middle East and Eastern Europe will spark even greater worldwide political tension, and terrorists will impact IT security through drastic means like shutting down entire systems or news channels.

3. Ransomware is on the rise.

This is a type of malware that creeps its way into your computer through infected links or popup messages and leads to your computer or mobile phone being locked and inaccessible. The only way for you to get your data back is to pay a ransom to your attacker typically through Bitcoin, an encrypted form of online payment that enables the hacker to receive payment anonymously. In some cases, victims are asked to pay several thousands of dollars.

This isn’t something new, but it’s increasing and becoming a huge IT security risk to look out for in 2016.

4. Be aware of internal threats.

A data security breach can cost your business its reputation as well as a lot of money. It can be especially devastating when the breach is caused by someone from the inside. Well-known breaches such as Ashley Madison (37 million records stolen) and Morrison’s (100,000 staff records leaked) have been widely reported to have been perpetrated by insider threats.

But spotting a security threat from within can be incredibly difficult because the attacker is somebody who usually has permissible access to the data they steal. That’s why it’s important for companies to have security systems in place to protect against both outsider and insider threats.

5. Spear phishing will grow more sophisticated.

Spear phishing occurs when a single user or department is addressed by someone who appears to be from within the organization – aka someone you trust – and they request sensitive information like logins and passwords from you. This is the primary method for hackers to gain access to secured networks in order to deploy spyware, Trojan Horses, and other malware in the targeted computers. With the targeting of high-level executives or people with a high security clearance on the rise, it’s crucial for businesses to invest in a quality IT security plan and policy in order to keep their systems protected.


4 Ways to Minimize Security Risks Online

These days, there’s just no escaping the inevitable daily usage of the Internet. In most cases, we welcome it, warmly, appreciating its convenience for so many of our routine tasks. Just as it is convenient, though, online activity also holds the potential to compromise your personal security.

While there are several ways that a person’s online security can become compromised, there are also several ways that these risks can be combatted. Heeding caution — even in seemingly harmless situations online — can help you reduce the risk of experiencing security issues. Here are some helpful hints for minimizing security risks online.

1. Be Sensible and Smarten Up Your Passwords

Come on, you can be a little more creative than just using “password123” as your go-to for everything. It’s not just a matter of creativity, however. Commonplace passwords such as these can be guessed easily, making a hacker’s work much easier.

Additionally, a universal password (one used for all online accounts) is also risky as it would allow a hacker access to not only the particular account they hacked, but subsequently, everything else with that password.

To hopefully prevent this possibility, creating different passwords for your various accounts is recommended. Additionally, these passwords should be changed about twice a year. It might force more memorization than you’re used to, but it will be worth reducing the security risks.

2. Familiarize Yourself with Anti-Malware Software

Even computer novices know about anti-virus software, but there are major perks for those who are aware of anti-malware software. While anti-virus software is great to have, it does not always come equipped with anti-malware features. Therefore, it’s recommended that you ensure protection from malware by separately installing an anti-malware software.

3. Fine Print Isn’t Always So Fine…

Everyone has rolled their eyes and scrolled through a seemingly endless ‘terms and conditions’ manifesto when signing up for something online. This is sometimes harmless, of course, but there can also be fine print that puts you at risk in these agreements. Some companies will discreetly mention soliciting your information for marketing purposes, which you’ll obviously want to avoid. Whenever possible, seek opt-out options and pay attention to any automatically-checked boxes that appear when agreeing to legal terms.

4. Conceal Your Identity with a VPN (Virtual Private Network)

One of the most convenient aspects of the Internet is that we can access it just about anywhere we go today. However, hackers are known to exploit the use of public wi-fi by creating faking networks. A great way to give yourself some protection when you’re using a public network is through the use of a VPN, which is short for “virtual private network.”
A VPN is designed to keep your profile anonymous from threats such as hackers when you’re using the Wi-Fi at the likes of an airport or a cafe. The use of a VPN will also keep your profile anonymous when you use it at home.