Protect Your Business: Expert reveals Cyber Hygiene Checklist for 2024

Copyright: (Iakimchuk Iaroslav) / Shutterstock.com

58% of large businesses have experienced cybercrime in the last 12 months, costing around £5,000 per incident.

Cybercrime should be at the forefront of businesses’ priorities to avoid loss of time and income. So with 95% of cybersecurity breaches resulting from human error, application security SaaS company Indusface have compiled expert advice on conducting a cyber-hygiene deep clean to prevent cybersecurity breaches in the age of remote working and AI usage.

Common consequences of bad cyber-hygiene

• Loss of data
• Misplaced data
• Security breaches
• Out-of-date software
• Older security software

Your business cyber-hygiene checklist

1. Document existing processes – examine all existing hardware (computers, mobile devices and any connected devices such as printers, fax machines etc.), software (all programs used on your network, or installed directly onto company property like laptops and computers), and applications (web apps such as Dropbox and Google Drive)
2. Scrutinise for vulnerabilities – wipe all unused equipment, update all software and apps, update user passwords, uninstall programs that aren’t regularly used
3. Create a central cyber-hygiene standard operating procedure or policy- regular changes to complex passwords can prevent suspicious activity, regular software and hardware updates maintains performance and prevents unexpected issues, document all new installs and prohibit employees from downloading suspicious software, regularly back up all data to a secondary source such as a hard drive or cloud storage
4. Put a special thrust and focus on anything facing the internet starting with an understanding of all your public facing assets and having a regular vulnerability assessment and mitigation plan for those assets

How to transform the cyber-hygiene of your workplace

Customer data is the most important asset that any organisation holds. When this data includes PII, any data exfiltration can lead to a whole lot of compliance problems and fines.

Applications including websites, mobile apps and APIs are most often attacked by hackers to exfiltrate data. That said, employees could also be used as a backdoor to run these attacks by impersonating them.

Initially, we will discuss the application security methods for cyber-hygiene.

1. Understand your external attack surface

Large organisations struggle with maintaining an inventory of all external facing assets that could be accessed on the internet.

The first step is to understand this risk and employ attack surface discovery tools to make a list of all the public-facing websites, applications, and IPs.

2. Scan the attack surface for vulnerabilities

An analysis by MITRE ATT&CK found that over 50% of cybersecurity incidents are a result of remote code execution. This is many times more prevalent than phishing attacks which cause around 10%.

Code injections can only happen when applications have vulnerabilities such as cross-site scripting or an HTML injection.

Once you identify the attack surface, the next step is to scan all of your business’s critical applications for vulnerabilities such as the above.

Most compliance guidelines also mandate annual manual penetration testing by certified experts.

3. Patch vulnerabilities regularly

The next step is to patch vulnerabilities on time. Most studies say that even critical and high-severity vulnerabilities are patched 200+ days after they were first discovered.

Reasons include a lack of expertise in applying patches (seen during last week’s CrowdStrike incident), legacy code or fear of disrupting business continuity.

The next alternative is to virtually patch the vulnerabilities on a WAAP or a WAF so that at least the vulnerability cannot be exploited while they buy time to deploy patches on code.

4. Perform Log Analysis Regularly

Next is to perform regular analysis on access logs, request logs, response logs and so on. This Is where artificial intelligence really shines and will be able to call out any anomalies that could point to any attacks on applications, as well as being able to leverage this intelligence to tune security policies.

5. Encourage individual accountability

Employees should recognise the personal implications of their workplace being involved in a data breach and have a strong understanding of endpoint security.

In 2023, over 352 million individuals were affected by data compromises, highlighting just how critical it is for organisations to provide employees with comprehensive training on what constitutes sensitive data and how they can protect it, as well as what is at stake if they do not adhere to the policies. Sensitive data of this nature could provide the blueprint to future personal attacks.

If employees understand that attacks don’t just affect the business, it will aid engagement on a more intrinsic level. Additionally, understanding the frequency of attacks will solidify their engagement.

6. Employ encryption software

Encryption software is able to provide peace of mind when it comes to data breach risks associated with remote working, such as encrypting sensitive files so that even if someone were able to steal them, they would not be able to access the data or content.

Employers should create security policies that ensure all workers, especially remote workers, are aware of how to encrypt files and when it is necessary. Furthermore, routine checks can be done to ensure this is being followed.

7. Utilise VPNs across the business

With data breaches costing businesses an average of $4.45 million in 2023, it is vital to invest in tools that can cover vulnerabilities.

As a defence against the risks that come with employees accessing work materials via unsafe home and public networks, all workers should be encouraged to use a virtual private network (VPN). This software is easy to implement and protects data that could otherwise be vulnerable to attacks over an open network.

8. AI usage policies

If a business relies heavily on their AI system, although it may aid speed with which things can get done, it also increases risks of opening a cyber attack, as it is likely to hold a wealth of crucial business information, from private consumer data, to financial data on the business itself. The same AI-based policies which provide business benefits for speed can become the biggest risk for attack vectors exploiting business logic and stealing more critical data.

9. Remote working policies

Venky Sundar, Founder and President – Americas, Indusface, comments on the data security risks that come with increased remote working:

“Remote working means people are working in less secure environments and their devices are more exposed to data breaches both digitally and physically. Many remote workers are using the same device for professional and personal use, or even accessing company data on devices shared with other household members.

“Employers can no longer rely on the security strategies that were designed for in-office working; data is no longer just being accessed under one office roof where IT can supervise.

“Security policies can therefore be designed while assuming that a hack is inevitable. Even if an employee’s laptop is compromised, every business should design systems in such a way that hackers cannot access critical IT infrastructure through the employee’s endpoint and limit the damage. Therefore a holistic policy on both application security and endpoint security is essential.”