Roland had the opportunity to meet with Robert Herjavec, star of ABC’s Emmy award-winning show Shark Tank and former CEO of #1 ranked MSSP Herjavec Group.
Impress Computers meets with IT MSP Providers from the World once a quarter and one of the things that we cover is Cyber Security and how small to medium sized businesses are protected against threats.
Having a solid Cyber Security Stack is important to protect your company
We recommend having the following as a Security Stack
- Firewall with an active subscription
- 24/7 Managed Environment that has a tech team monitoring your system continuously
- Zero Trust Program like Threatlocker that blocks unknown programs, that are not white listed, from running.
- Sentinel One with End Point Security and an Active EDR – End Point Detection and Remediation – and a 24/7 SOC
- Acronis Backup Disaster Recovery and Restore with Acronis Cyber Protection
- Advanced Email Security with Ai, like Graphus
- Employee Training from Bullphish
- 24/7 Dark Web Scans to detect when credentials are exposed
Robert Herjavec discussed this recently in his blog.
No matter how many firewalls or network controls you have in place, the risk of insider threat will always be present. So it should go without saying that enterprise security programs should be built with this in mind !
In light of the ever-evolving threat landscape, the interconnectivity driven by the Internet of Things (IoT), and rising remote work scenarios, one thing is clear – the strength of an organization’s cyber hygiene relies on the internal practices implemented.
It’s more important than ever before for organizations to ask: how are we prioritizing cyber hygiene?
If you’re not sure where to start, these tips are for you !
- Apply available patches and updates immediately. If there are no more patches available in the version you have, discontinue the use of the software or operating system in question and update it to a newer version.
- Segment your internal corporate networks to isolate any malware infections that may arise.
- Conduct regular social engineering tests on your employees to actively demonstrate where improvements need to be made. Hackers are routinely attempting novel ways to infiltrate corporate networks so it’s important to ensure that your employees are aware of how their online behavior can make them – and you – more vulnerable.
- Build security awareness training modules to educate your employees on how to spot phishing emails or business-related scams.
- Conduct regular network penetration tests to identify flaws and vulnerabilities in your corporate networks. If you don’t have the talent in-house, employ a third-party security firm.
- Know what your crown jewels are. What are the most important data points integral to your business and how do they need to be protected? Even when digital services are temporarily unavailable, how will you continue to provide essential services to your customers?
- Incorporate Threat Intelligence for a proactive approach to finding the threat types that are relevant to your organization based on your industry and company size.
- Ensure that your organization has a robust incident response strategy so that even if a breach occurs, you can mitigate damage and business continuity can be maintained.
- Implement the right tools, processes, and technology – based on the needs of your organization. There is no one-size-fits-all solution when it comes to cybersecurity.
- Stay ahead of the curve by subscribing to cybersecurity news, industry updates, and threat advisories. Subscribe to the US-CERT and to Herjavec Group’s Threat Advisory communications.
Given the rising threat of cybercrime, it’s our responsibility as cybersecurity professionals to do our part in maintaining strong cyber hygiene practices and lead from the top down.
Business leaders need to become a driving force for integrating security into the company’s culture so that employees understand its priority.