ENISA, the European agency for cybersecurity, has put a number of tips or best practices online for companies and organizations to increase their resilience against hackers and cyber-attacks. Implementing two-factor authentication and examining the backup strategy are two examples. The agency hopes organizations in the EU will take these tips to heart to increase Europe’s overall cyber resilience.
This is what ENISA writes in the policy document ‘Boosting your Organisation’s Cyber Resilience’.
These trends explain the increasing number of cyber attacks
The cybersecurity agency reported in the latest edition of its annual Threat Landscape Report that the number of cyber threats has increased by 30 per cent in the past year compared to 2020. Compared to 2019, the increase was a whopping 60 per cent. Security experts warned in the report that the coronavirus pandemic posed a major challenge for system administrators and other IT staff. This is because many employees worked from home and security is often less well organized than on the work floor.
According to ENISA, three factors underlie the increasing number of cyberattacks. For starters, ransomware continues to play a major role, putting millions of businesses worldwide at risk of being the target of a ransomware attack. The fact that there is a lot of money to be made from hacking attacks is an important motivation for hackers and cybercriminals to carry out cyber attacks.
Finally, the number of cyberattacks on critical infrastructure has increased exponentially. By threatening to disrupt society, the victim is more likely to pay a ransom. This prompted the American oil company Colonial Pipeline and Brazilian meat processor JBS to pay the attackers $4.4 million and $11 million respectively.
Tips are an addition to existing safety measures
To make European companies and organizations more resilient to cyber-attacks and digital threats, ENISA has published a joint policy document together with CERT-EU and all national CERT bodies. In it they list 14 best practices to make the company more resilient against hackers.
The agency and aid organizations point out that the tips complement the already existing safety regulations and protocols in the EU Member States. They are emphatically not intended to replace current security measures.
MFA, different passwords and update policies
The first tip that ENISA and cybersecurity organizations give is to use multi-factor authentication (MFA) where possible. In addition to a username and password, you also need an access code. It changes continuously and is therefore never the same twice. It is best to use an authentication application or FIDO2 (Fast IDentity Online) security key for this. SIM swapping allows malicious parties to intercept text messages containing the passcode.
Building on this, the authorities are advising employees not to reuse the same password for other applications, social media or online services. For security reasons, it is better to come up with a different password for each service or to apply MFA.
Making sure all software is up to date is the third tip. This applies to programs and operating systems that companies and organizations use, but also to the personal devices of employees that they use at home. By regularly installing updates, employees close potentially dangerous vulnerabilities. As a result, the chance that sensitive companies and companies will end up on the street is a lot smaller.
Monitor network activities, secure cloud environment and formulate backup strategy
To detect cyber attacks at an early stage, it is wise to monitor internal systems and network activities closely. Unauthorized access is then quickly noticed. The sooner system administrators can take countermeasures, the less likely they are to be targeted by a hacker. Network segmentation ensures that hackers do not have unfettered access to all network components once they are inside.
Strengthening the cloud environment is the fifth tip that ENISA and cohorts give. Research by Ermetic shows that almost all companies that are active in the cloud have been confronted with one or more data breaches in the past year and a half. No sector was spared that fate. Companies that store confidential data in the cloud would certainly be wise to take a critical look at the authorization policy and security measures.
A good backup strategy can literally save a company from destruction if attacked by hackers. It’s a good idea to have multiple backups of important data on-premises and at least one backup outside of it. In addition, organizations need to think carefully about how and how often they make backups.
Adjust default settings, set up spam filters and train employees
It may sound obvious, but businesses should remember to adjust defaults. The default username and password are often admin and admin. Cybercriminals know this all too well. When they try to break into something digitally, that is often the first combination they try.
Keeping business email inboxes from overflowing with fake messages requires good and resilient spam filters. If fewer of these messages come in, the chance that an organization will become a victim of phishing is smaller.
In this context, it is also sensible to have staff members follow cybersecurity training. A teacher points them out to possible cyber threats and confronts them with the facts. Organizing a cyber awareness event on a regular basis is a good way to update employees about the latest threats and methods of hackers.
Formulate communication policy and make agreements
A final tip that ENISA and the national CERT bodies give is to formulate a good communication policy. Make agreements about who communicates with whom in the event of a cyber attack. Also, make sure that a disaster plan is ready. The same applies to Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP). In this you record agreements about how to act during and after a cyber-attack or other calamity.
Catch up on more articles here
Follow us on Twitter here