NCSAM 2019: Cybersecurity Tips for Enterprise IT Pros
October is National Cybersecurity Awareness Month (NCSAM) in the US.
IT departments are tasked with protecting more than ever. Today’s IT department is responsible for creating, maintaining and managing a myriad of systems. Not only do you need to secure internal connections, but you also need to ensure availability for cloud-based applications and your company website.
Many of the suggestions below may be already in place. However, as threats and organizations evolve, so does the need to audit current policies and procedures.
Your users also have a responsibility to use tech resources with security in mind. Continual education is an important part of protecting your organization. (We’ll talk a little more about this later.)
First we’ll talk a little about what NCSAM is, then we’ll dive into this year’s theme with some helpful tips for IT professionals.
Let’s begin, shall we?
What is National Cybersecurity Awareness Month?
National Cybersecurity Awareness Month is an initiative created in 2004 as a collaboration between the US Department of Homeland Security (DHS) and the National Cyber Security Alliance. The EU also uses the month of October to spread cybersecurity awareness during European Cybersecurity Month.
Prior years focused on the theme of shared responsibility. This year’s NCSAM theme is an expansion of the original idea, titled: “Own IT. Secure IT. Protect IT.” Most of you practice this every day; it’s an integral part of your job.
Let’s take a look at how you can empower your organization to practice online safety in the office and out in the field.
NCSAM Theme #1: Own IT
Online safety starts with a secure connection for every user in your organization. This includes employees, vendors, and customers.
As an IT pro, this is mostly your responsibility. However, you need to stay in contact with other departments to ensure information is accurate, such as:
- HR managers to determine access levels for employees.
- Finance and/or Department managers to help with vendor risk management
- Tech support for widespread access problems (from employees, customers, vendors)
- C-Suite executives for software purchases and licensing
CIO and/or CTO duties have changed dramatically as individual departments like HR and marketing have their own software purchasing requirements. These new duties often include policy creation, incident response/recovery plans, assistance with vendor risk management program creation, and regulations regarding online privacy for website visitors. HR can assist with employee training and dissemination of information.
Here’s how IT pros can Own IT:
- Provide VPNs for remote employees
- Adopt SSO built on current standards (SAML 2.0 or OpenID Connect) rather than per-application passwords
- Use hardwired internet connections when possible
- Install endpoint protection on every machine and keep it updated
- Document all systems, as well as users and access levels
- Create and regularly update a computer access policy for employees and vendors
- Know the regulations affecting your business, including State, National and International laws such as GDPR
- Create an incident response and recovery plan for data breaches, attacks and unauthorized disclosure of information through phishing, etc.
- Invest in external monitoring that checks your site from outside your own network, so a failure behind a load balancer is visible to you before it is to customers
- Have a policy for monitoring network and web infrastructure, including alerting, escalations and incident response.
- Limit use of non-company owned equipment, and ensure connected devices are secure
- Put wireless and IoT devices on a segregated network so a compromised device cannot reach internal systems or pull them into a botnet
- Use transaction checks (scripted multi-step checks such as a login or checkout) to ensure website elements are working, not just that the home page returns 200
Uptime.com provides enterprise-level monitoring including advanced escalation policies. Start your free 21-day trial today, no credit card required.
NCSAM Theme #2: Secure IT
With so many users, devices and connection types to manage, keeping everything secure is as difficult as trying to hang wallpaper with one arm. No matter how good your security is, new threats are constantly emerging.
According to Symantec’s Monthly Threat Report, web attacks per day steadily increased in 2019.
Phishing emails are also a huge area of concern for businesses, and they are becoming more sophisticated. These emails are often opened and/or replied to by people outside of IT, so it’s critical that every computer user has the proper training to identify these types of emails. The graphic below shows the phishing rate in August and September 2019 for ten industries as reported by Symantec.
Here’s how you can Secure IT on the job:
- Send security training emails to teach about phishing, and hold security training sessions for management and employees. Inspired eLearning has some free training resources.
- Provide information such as the NCSAM toolkit to employees so they understand how to protect themselves at home
- Schedule vulnerability and malware scans on every machine
- Use SSO, and require MFA wherever it is supported, starting with email, VPN and administrative accounts
- Create a DevSecOps model within your IT teams
- Practice Zero Trust when applicable
- Monitor TLS certificates and DNS records for expirations and unexpected changes
- Check your domains and IP addresses against blacklists, and run malware and virus checks against your site
- Run domain health checks (domain registration expiry, nameserver and mail record changes)
- Keep an eye on unusual site response times with real user monitoring (RUM) and HTTP/S checks
- Patch and upgrade software on every machine on a fixed schedule, and out of band for critical fixes
- Document everything, no matter what!
- Validate PCI DSS compliance if you handle card data yourself, or keep card data out of your environment entirely by using a PCI DSS-compliant payment processor
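The certificate-expiry and DNS-change checks in the list above are easy to script and worth running on your own schedule as a backstop to any monitoring service. The following is an added example, not code from the original post or from Uptime.com: it classifies a parsed certificate by days remaining, compares an expected DNS record set against what resolvers actually return, and includes a live fetch helper that uses Python’s default verified TLS context. The certificate dictionary, the check date, the 30-day warning threshold and the DNS records are constructed sample data.

```python
"""Added example (not from the original post): two of the checks listed
above, TLS certificate expiry and DNS record drift, as offline-testable
functions plus one live fetch helper. Sample inputs below are constructed.
"""
import socket
import ssl
from datetime import datetime, timezone

WARN_DAYS = 30  # assumption: warn when a certificate has under 30 days left


def days_until_expiry(not_after: str, now: datetime) -> int:
    """not_after uses the format ssl.getpeercert() returns,
    e.g. 'Nov  1 00:00:00 2019 GMT' (note the two spaces before a 1-digit day)."""
    expiry = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), tz=timezone.utc)
    return (expiry - now).days


def cert_status(cert: dict, now: datetime, warn_days: int = WARN_DAYS) -> dict:
    """Classify a parsed certificate as ok / expiring / expired."""
    days = days_until_expiry(cert["notAfter"], now)
    if days < 0:
        state = "expired"
    elif days < warn_days:
        state = "expiring"
    else:
        state = "ok"
    # getpeercert() returns subject as a tuple of 1-tuples of (key, value) pairs
    subject = dict(rdn[0] for rdn in cert.get("subject", ()))
    return {"subject": subject, "days_left": days, "state": state}


def fetch_peer_cert(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Live check. The default context verifies the chain and hostname, so a
    handshake failure is itself a finding. Not exercised by the offline demo."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


def dns_drift(baseline: dict, observed: dict) -> dict:
    """Compare the record sets you expect to the ones resolvers return.
    Both maps are keyed by (name, rtype) -> iterable of record data strings."""
    changes = {}
    for key in sorted(set(baseline) | set(observed)):
        want = set(baseline.get(key, ()))
        got = set(observed.get(key, ()))
        if want != got:
            changes[key] = {"added": sorted(got - want), "removed": sorted(want - got)}
    return changes


# Constructed sample data (documentation hosts and addresses, not real ones):
# a certificate 17 days from expiry on the check date, and a zone in which an
# unexpected second A record has appeared.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "notAfter": "Nov  1 00:00:00 2019 GMT",
}
CHECK_TIME = datetime(2019, 10, 15, tzinfo=timezone.utc)
BASELINE_DNS = {
    ("example.com", "A"): ["203.0.113.10"],
    ("example.com", "MX"): ["10 mail.example.com."],
}
OBSERVED_DNS = {
    ("example.com", "A"): ["203.0.113.10", "198.51.100.7"],
    ("example.com", "MX"): ["10 mail.example.com."],
}


def run_checks():
    """Run both checks against the constructed sample data."""
    return cert_status(SAMPLE_CERT, CHECK_TIME), dns_drift(BASELINE_DNS, OBSERVED_DNS)


if __name__ == "__main__":
    status, drift = run_checks()
    print(status)
    print(drift)
```

In production you would feed `cert_status` the dictionary returned by `fetch_peer_cert` and `dns_drift` the answers from your resolver, and page on any `expiring` or `expired` state or any non-empty drift. A new A record you did not add is exactly the kind of change that precedes a hijacked site, so treat additions as seriously as removals.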
NCSAM Theme #3: Protect IT
In the past, protection was an extension of security. IT departments applied protection periodically to mitigate threats. Attacks usually occurred on desktop devices.
Today, security and protection are a continual cycle. You secure your infrastructure against known problems, but new threats emerge and you must apply new protection methods. Attackers exploit weaknesses you never knew existed.
Protection is often incident-driven. A data breach or DDoS exposes holes in your network that weren’t properly secured. So you apply protection and begin recovery procedures.
Here are some tips to help you Protect IT. As with previous tips, many of these are probably already in place but could use an audit:
- Establish and regularly update a protocol for user access to sensitive information
- Work with HR to deprovision accounts or adjust permissions promptly when employees leave or change positions, and review the results rather than trusting the ticket was closed
- Establish a protocol on sharing documents outside of your organization, train employees on access levels (for apps like G Suite, Office 365, etc.)
- Regularly update incident response plans based on current threat landscape
- Hold individual training sessions for employees that violate usage policy or accidentally disclose information through phishing email or other means
- Share incidents and maintenance info via status pages to keep everyone in the loop
- Proper configuration is key to making sure measures are working properly. When applicable, ask service providers to check configurations after internal testing is complete.
- Stay up-to-date on the latest threat intelligence and regulations
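The offboarding and access-level items above only hold up if someone periodically checks the directory against what HR says is true. The following is an added example, not code from the original post: it reconciles a constructed HR export with a constructed account export and reports leavers whose accounts are still enabled, accounts with no owner in HR, and employees holding groups outside their department. The CSV columns, the group names and the department-to-group map are all assumptions standing in for whatever your HR system and directory actually export.

```python
"""Added example (not from the original post): reconcile an HR roster with
the account directory to find leavers still enabled, accounts with no owner,
and group memberships that do not match the owner's department. All input
data, group names and the department-to-group map are constructed."""
import csv
import io

# Constructed HR export: status and end_date are HR's view, not IT's.
HR_EXPORT = """employee_id,email,department,status,end_date
1001,alice@example.com,Finance,active,
1002,bob@example.com,Engineering,terminated,2019-09-30
1003,carol@example.com,Marketing,active,
"""

# Constructed directory export: groups are ';' separated, dates are ISO 8601
# so plain string comparison orders them correctly.
ACCOUNT_EXPORT = """username,email,enabled,groups,last_login
alice,alice@example.com,true,finance-users;vpn,2019-10-14
bob,bob@example.com,true,eng-admins;vpn,2019-10-01
carol,carol@example.com,true,finance-users;marketing-users,2019-10-13
svc-backup,,true,backup-operators,2019-10-14
"""

# Assumed mapping of department to the groups its members may hold.
DEPARTMENT_GROUPS = {
    "Finance": {"finance-users"},
    "Engineering": {"eng-users", "eng-admins"},
    "Marketing": {"marketing-users"},
}
BASELINE_GROUPS = {"vpn"}  # groups any active employee may hold


def review_access(hr_csv: str, accounts_csv: str, known_service_accounts=()) -> list:
    """Return (username, finding, detail) triples, in directory order."""
    people = {row["email"]: row for row in csv.DictReader(io.StringIO(hr_csv))}
    findings = []
    for acct in csv.DictReader(io.StringIO(accounts_csv)):
        if acct["enabled"] != "true" or acct["username"] in known_service_accounts:
            continue  # disabled accounts and documented service accounts are not findings
        groups = {g for g in acct["groups"].split(";") if g}
        person = people.get(acct["email"])
        if person is None:
            findings.append((acct["username"], "no-owner",
                             "no HR record; confirm it is a documented service account"))
        elif person["status"] != "active":
            detail = f"left {person['end_date']}, still enabled"
            if acct["last_login"] > person["end_date"]:
                detail += f", last login {acct['last_login']} is after departure"
            findings.append((acct["username"], "leaver", detail))
        else:
            allowed = DEPARTMENT_GROUPS.get(person["department"], set()) | BASELINE_GROUPS
            extra = sorted(groups - allowed)
            if extra:
                findings.append((acct["username"], "excess-access",
                                 f"{person['department']} staff holding {extra}"))
    return findings


def run_review() -> list:
    """Run the review against the constructed sample exports."""
    return review_access(HR_EXPORT, ACCOUNT_EXPORT)


if __name__ == "__main__":
    for username, finding, detail in run_review():
        print(f"{username:12} {finding:14} {detail}")
```

Run on the sample data this flags bob (terminated in September, account still enabled and used afterwards), carol (a Marketing employee still in `finance-users`, presumably from a previous role) and svc-backup (no owner). The post-departure login is the line that should turn a routine review into an incident. Pass the documented service accounts in `known_service_accounts` so the no-owner check only surfaces the ones nobody has claimed.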
Cybersecurity is a Shared Responsibility
IT’s role is fundamentally changing as more and more enterprise employees are connecting to cloud-based and on-site systems at home and at work.
As employees connect to your network, they become responsible for what they do online.
That’s why it’s critical that you provide the resources necessary to make your organization aware of how to stay safe.
Here are some key takeaways for you to ponder:
- Provide a safe way for employees to connect to internal and external systems
- Work with HR to provide updated and appropriate training
- Monitor infrastructure internally and externally to ensure customers and those outside your network can connect to your website and systems
- Audit and update security policies and procedures
- Remember that security and protection work together in a continuous loop
- Learn from incidents and update practices when necessary
October is the official month to spread cybersecurity awareness, but it should be a year-round practice. No matter what country you live in, today’s lessons from National Cybersecurity Awareness Month provide some great tips for your company to practice.
Minute-by-minute Uptime checks.
Start your 21-day free trial with no credit card required at Uptime.com.