Being prepared for the storm: maintaining a proactive cybersecurity strategy

Having worked in cybersecurity for the last several years, I’ve seen the ways that the security threat landscape has evolved and changed. I’ve also seen just how critical it is to maintain a thoughtful and proactive cybersecurity strategy and program, particularly in times like this.

In the world of cybersecurity, where it’s extremely difficult to know when a hacker or bad actor is targeting your organization, being proactive could mean the difference between business-as-usual operations and a major incident that exposes sensitive information or compromises technology systems.

This is a frightening reality, and we have seen that no business of any size, not even government and healthcare organizations, is safe. All cyberattack cases we see (and don’t see) on the news are unfortunate, but they are important lessons. Each incident is a wake-up call for all Canadian cybersecurity professionals to stay alert and be proactive.

Evolving threats in cybersecurity

As the internet and technology continue to evolve, so do the occurrences and risks of cyberattacks. There are many different and evolving ways for hackers to attack any business system, and these days, it goes far beyond simply knowing a password.

The volume and variety of phishing or malware attacks grow with each day. They include ransomware, malicious links, attachments, spyware and viruses that can appear to be harmless but are dangerous to the endpoint and connected business networks when clicked. Once the attack is activated, a domino effect of actions can begin to take place and can lead a hacker towards taking command and control of an organization’s technology ecosystem. The end result is your organization and its systems becoming vulnerable and exposed.

A recent article from IT World Canada shared a “sneak peek” of a cybersecurity survey conducted by IDC Canada. It was revealed that 67 per cent of 460 Canadian businesses questioned were victims of ransomware in the last year. Sixty-seven per cent of a handful of Canadian businesses.

The research data shows that Canadian organizations may be hit harder than we think. In some cases, the limited ability to mobilize quickly and remove the ransomware resulted in some companies being victimized multiple times with the reoccurrence of the same attack. The good news is that some organizations were able to recover and resume operations after the attack through reactive actions and planning.

How to practice proactive cybersecurity

In the world of cyber, there is a major difference between being proactive and reactive. A proactive stance prepares your business to operationally recognize and execute countermeasures before an attack happens, whereas when you’re reactive, the damage could be done before you even know about it and any actions taken are remedial in nature.

It is important to ensure that your business is prepared even before malicious threats come your way. Here are some general proactive steps you can take to help make your business more secure:

  1. Understand the cyber threat landscape of your business: A threat landscape is a filtered collection of threats in a particular domain or context, with information on identified vulnerable assets, threats, risks, threat actors, and observed trends that would apply to your business.
  2. Conduct a comprehensive risk assessment: It’s a good idea to check where potential vulnerabilities lie in the system related to your threat landscape. Knowing what may be a risk and having an approach to managing those risks from the beginning could help you determine where to make additional investments in increased cyber protection.
  3. Train employees to detect potential threats: Most cyber threats arise due to human error. Reduce these common errors by regularly training staff to identify and appropriately respond to any suspicious activities.
  4. Evaluate and test your cyber incident response plan: Keep up to date on testing your security-specific incident response plan at least annually. Practice equates to better preparation and can help to identify any gaps in your cyber program.

A cyberattack ultimately begins with a point of access into your system - a security or controls gap that you haven’t identified or prepared for. It’s understandable to think you will recognize cyber threats and react to them when they happen, but in reality, the damage may already be done by the time that you become aware of the incident and subsequent issues. Being proactive can prevent or stop cyberattacks in their tracks, protecting confidential systems and information while ensuring your organization is ready for business as usual.

Kimberley St. Pierre

Strategic Cybersecurity Business Development Professional, IT World Canada's Top 20 Women in Cybersecurity (2021), Speaker, Board Director, Advisor, Amateur Competitive Equestrian in Show Jumping & Dressage

3 years ago

Fantastic read!! Great advice.

Vivek K.

DevSecOps Sales @ OpenText

3 years ago

Great article and extensive insight Jo-Ann Smith

Reza Khosrowtaj

IT Business Analyst, IT consultant

3 years ago

Great article as usual. Succinct but comprehensive. Thanks for sharing your insights.
