Reducing Risk in a Fast-Changing World
By Karen Burke
As we approach National Cybersecurity Awareness Month, we stop (briefly) to remember the many well-intentioned industry cybersecurity predictions that were made at the start of 2020 – and quickly were forgotten or made irrelevant as the global pandemic lockdown took place and other more urgent security issues took precedence.
This year's events, along with a fast-changing news cycle and evolving threat landscape, demonstrate why organizations need to remain vigilant and agile to quickly adapt and respond to changing business environments.
Today's news headlines alone included: Israel is returning to a full national lockdown, the UK government is considering a second full national lockdown, New York City has delayed –again – the start of in-person classes, the 2020 U.S. election race is tightening and Supreme Court Justice Ruth Bader Ginsberg has passed away.
What can organizations do to better prepare for the unknown, improve their security posture and support their customers, partners, etc.? Below are a few recommendations:
Track Global Current Events Situational awareness includes keeping track of the changing world events. Cybercriminals exploit the latest news cycle, from the election and the pandemic to wildfires and mass shootings, to scam their victims. Be alert to the next possible scams that your organization may face. The FBI, Better Business Bureau, and Europol are among other possible resources to monitor for the latest scams.
Update Incident Response/Crisis Communications Plans: Every quarter, review your current incident response and crisis communications plans and update them as needed. As 2020 has taught us, black swan events and other unexpected changes require immediate, well-executed responses – prepare for both the known and unknown threats.
Backup Your Files Ransomware remains a dominant threat – be sure to build redundancies in your organization, from processes to staff responsibilities, and routinely backup your files.
Identify DNS-related Brand Risks Conduct an audit of your DNS infrastructure to identify potential risks for your brand, such as abandoned subdomains. In addition, DNSDB Flexible Search, due out next month, October 20th, 2020, will enable organizations to easily search for look-alike domain names and other domain names related to their brands that may be used for phishing attacks or brand infringement campaigns.
Check In on Your Customers When was the last time you talked to a customer? How have your customers' business and security challenges changed this year? What more can your organization do to provide help and support? Learn – and then execute – new ways to serve your customers.
Recognize and Reward Your IT/Security Staff The significant uptick in cybercrime this year and the unexpected move to remote work has put considerable strain on IT and security staff. Recognize – and reward – their hard work.
Improve Management-to-Employee Communications During difficult times, communication among staff members can be lagging – or non-existent. Develop and continue to refine communication methods to keep your staff up-to-date on the latest security risks and maintain a regularly updated knowledge base/resource center.
Do you have more suggestions? If so, please send them to firstname.lastname@example.org and I'll add to this list.
Karen Burke is the Director of Corporate Communications for Farsight Security®, Inc..