5 Fundamentals for your Cyber Network Security in 2018 [Checklist]

5 Fundamentals for your Cyber Network Security in 2018 [Checklist]

February 02, 2018


By Stacy ScottBlog1-NetworkSecurity-GettyImages-820243528.jpgThe New Year is upon us, which means everyone is feverishly trying to successfully complete their New Year Resolutions. Whether it was to lose weight, eat better, or achieve a more positive mindset in 2018, the New Year is a time to reevaluate our lives, and how we can make them better during the months to come.

It’s normal to take inventory of our things, thoughts, and belongings in January, reflecting on what made 2017 both bad and good. As our world grows increasingly digital and interconnected, having a defensible cybersecurity framework should be on your reevaluation checklist. It is estimated, right now, that cyber crime will cost $6 trillion[1] annually by 2021. As a preventative measure, to match this statistic, it’s estimated that cybersecurity spending will exceed $1 trillion from now until 2021. Cybersecurity is becoming a major part of our lives, and the quicker you are to consider the benefits and security, the better off you will be in the years to come.

Cyber Network Security Checklist

If you’re ready to strengthen your network endpoint security, here are 5 questions to ask yourself this year:

  • Do you have a list of all assets/software connected to your network?

To implement a defensible cybersecurity plan, you need to know what you are securing, first. Sounds logical, right? Too often, companies think this is under control when it’s not. The first step on your cybersecurity roadmap should be to take inventory of your assets and software that is running on your network. Be sure to include BYOD devices.

Relevant reading: Mobile device security: Tips for securing portable devices at your organization

  • Do these assets have connection approval?

It is common for assets to find their way into network without any preapproval or discussion. If you see some rogue assets on your list, evaluate their access and remove as necessary.

  • Do these assets have company-approved settings installed and configured?

Company-approved settings (i.e., system hardening) help safeguard software and assets from attacks – and trust us, the frequency of these attacks will only increase.

  • Do you know when an unapproved or unsecured asset connects or software runs on your network?

It’s one thing to safeguard the approved assets on your network; it’s another to spot the unapproved in a timely fashion. Do you have a system in place that alerts when an asset/software works its way into your network? This is one of the most important parts of a cybersecurity program.

  • Are unapproved assets or software automatically blocked?

It goes without saying that waiting to determine if an outside actor has penetrated your network, investing in defensive mechanisms that block unapproved assets and software is a standard cybersecurity strategy.  The stronger your blocking defenses, the less you will have to worry about your cybersecurity. Consider removing local administrator from endpoints and denying unapproved software from executing.

To Stronger Cybersecurity in 2018

This short checklist shows how you can better prepare your network security for cyber attacks. It’s a comprehensive start, but there are many additional technologies to consider and regulations to adhere. Now is the time to really invest in the security and protection of your network.

[1] https://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics-for-2017.html

Stacy Scott Managing Director, Cyber Risk

Stacy Scott is a Managing Director in Kroll’s Cyber Risk practice, based in Dallas. In addition to founding and operating her own consultancy, Stacy has served in high-profile roles with a leading cyber security consulting firm, a Big Four accounting firm, and the largest not-for-profit healthcare system in Texas. She joined Kroll with over 16 years of experience, during which she built a successful track record of developing and implementing strategic information security initiatives that help organizations better safeguard data, manage risk, and enhance business operations.

Read More

Stacy Scott