Skip to content
Cybersecurity services
Sean McCloat, CISSPOctober 25, 20185 min read

How to Secure Your Business from Cyber Attack

If you haven't suffered a security breach or ransomware attack recently, you may believe that your IT environment is secure, and you are successfully preventing intruders from getting in.

But how do you know? Just because no one is reporting problems does not mean that malicious activity does not already exist in your environment.

Likewise, if you recently recovered from a cyber attack, and took steps to secure your environment, how do you validate that your network is now secure?

How to Secure a Business from Cyber Attack

  1. Perform a security focused IT assessment of the current "as is" environment.
  2. Implement changes where necessary as identified by the security assessment.
  3. On an ongoing basis, monitor your network and continue to validate that your IT environment is secure.

 

1. Perform a Security Focused IT Assessment of the Current Environment

A security focused IT assessment is a one-time endeavor where you can use the services of a cybersecurity company such as Corserva to evaluate your IT infrastructure. This process involves these steps:

  • review of your network and systems design
  • configuration of devices
  • evaluation of operational capabilities
  • interviews with your staff at the technical and executive level

The purpose of the assessment is to determine the overall health of the IT ecosystem, technical design review, and the security and risk posture of the organization. Depending on your industry, there may be specific regulations with which your company must comply, such as those for PCI DSS, HIPAA, NIST, and GDPR.

In the assessment process, we determine your "as is" IT environment and identify changes that must be made to align with best practice security guidelines. Part of the assessment will be to review your company's strategic business goals and determine the best technology roadmap to meet your objectives.

 

Download cybersecurity ebook

 

2. Implement Changes

The security assessment will uncover areas for correction to achieve a more secure environment. The changes needed may include:

  • Processes or procedures that must be implemented or modified
  • New technologies that must be put in place

3. Monitor Your Network & Validate Your IT is Secure

After you go through the security assessment and you have implemented changes, you need to continue to validate that your IT environment remains secure.

Security is not limited to any one aspect of your IT infrastructure.

straight

Think beyond the network.

straight

If you suffered a breach, the bad guys may have accessed your infrastructure even if the network was not unsecure. Think about your systems and any devices communicating on your network to each other.

To ensure security, you need to think about the lifecycle of your IT environment. Your environment is always changing, and change introduces risk. A seemingly innocuous change can have an unforeseen upstream or downstream effect on your environment. It is critical that changes within your IT environment are documented and that you continue to monitor and validate your security.

Security is Not a Shopping Cart

Don't think of security as a shopping cart and assume that if you pick the right set of tools, you'll be secure.

Scenario #1:

Let's say you have implemented a top-of-the-line endpoint security solution.

straight

But what if your network was already unsecure?

straight

All you've done is implemented additional software that can't protect you from problems that are already present. It's as if you put a lock on the door after the burglar already made it into your house.

Scenario #2:

As another example, you may be running backups to an appliance religiously. That archived data could contain viruses. If one day your CEO is looking for an old email from 2005 and you are asked to restore it, you could inadvertently release problems into your IT environment. Similar problems can occur when you restore old workstations.

Use Monitoring to Prevent Existing Vulnerabilities Wreaking Havoc

Ongoing monitoring of your IT infrastructure can protect you from these issues. You can't assume anything.

 

TRY IT FREE

 

Once you have taken steps to prevent a cyber attack, a managed SIEM solution can keep your information and systems secure.

A Layered Approach

It's no accident that security best practices require a multi-layered approach (Defense in Depth).

You can't implement all the layers required for security in one day. Instead, a typical approach might focus on a sequence of areas to address.

  1. Firewall
  2. Endpoints
  3. Everything in between

A common pitfall of IT managers is to focus too heavily on only one layer of defense, ignoring other layers.

Don't assume that you are protected because you have implemented the latest and greatest security product.

  • Was the new tool configured correctly when deployed?
  • Have you fine-tuned it to work optimally in your environment?
  • Over time, is the original configuration implemented still optimal for your environment?
  • Is the firmware up to date?

Think your security posture is already pretty good? Feeling confident?

Why a Tool Based Approach Won't Work

Instead of continuously adding the latest headline-making security tools, you need to take an organized strategic approach to the security of your IT environment.

That's why a security focused assessment of the current environment is such a critical first step. Without it, you could end up spending your IT budget on the low hanging fruit that is easy to implement yet gives a false sense of security.

Take the security posture quiz

You may be better served addressing the security of the connections between endpoint devices and the internet before implementing any type of endpoint security solution.

Tools Will Change but a Solid Security Strategy Never Goes Out of Style

Don't be fooled by the marketing hype. There is no one solution to protect everything. Don't put all your eggs in one basket.

The thinking behind guidelines such as Defense in Depth and security frameworks remains important.

Even if you invested in a strong firewall and good endpoint protection, don't assume your environment is safe. Complacency can creep in when there are no fires to put out.

Take a strategic approach and validate the security of your IT infrastructure continuously. Move away from the mode of "which security product should we install next year?"

It all comes back to risk management. You can't manage your risk if you don't know what it is.

Get a Quote Now

Corserva provides IT risk assessments that evaluate your entire IT infrastructure. We work with you to review your existing cybersecurity concerns, discuss previously unknown risks uncovered in our evaluation, and make recommendations where you can make improvements.

Request a quote for an IT risk assessment today.

GET A QUOTE

avatar

Sean McCloat, CISSP

Sean is responsible for Corserva’s network and security operations centers, field services, sales engineering, data center operations, and professional services. He has an intense focus on delivering exceptional customer service across a wide array of client engagements. With 25+ years of national and global experience in the IT industry, Sean has real world experience at the corporate and enterprise levels of healthcare, advertising, and logistics organizations. In addition to his CISSP certification, Sean is a CMMC-AB Registered Practitioner (RP). He leads Corserva’s assessment and compliance team, guiding companies in meeting business objectives with NIST 800-171 and CMMC.

RELATED ARTICLES