We talk with many company leaders who have implemented the fundamentals of cyber security but still feel unprepared to face today’s cyber attacks.
Anti-virus, anti-malware, firewall, data backups, phishing awareness education for employees, and encryption of sensitive data are often deployed and managed in-house or by a managed I.T. services provider. The importance of these I.T. security fundamentals is indisputable—but a majority of breaches happen behind the firewall.
Breaches that are triggered by employee activity—clicking harmful links, downloading disguised files, joining a compromised device from home to a company network—can occur even with all of the fundamentals in place. We see around 20% of users fall victim to a first-time simulated phishing test (40 employees in a company of 200, for context).
Managed security services that include SIEM, HIDS, NIDS, and trained analysts can catch anomalous network activity that cyber security basics can’t. Here are 12 signs your company may be ready to move to the next level of protection and prevention.
1. You’re unsure what would happen if one of your employees clicked on a phishing email.
From ongoing preventive education to detection to incident response, a number of cybersecurity services must be in place to guard your greatest vulnerability: your employees. If you’re unsure how your company would deal with a phishing email click or malicious file download (reported and unreported), it’s time to closely examine your cybersecurity policy and solution.
2. An alarming number of hours (employee or MSP support) are being devoted to managing your current cybersecurity solution (or lack thereof).
Managing false positives can be one of the greatest difficulties faced by in-house or inexperienced teams attempting to monitor network activity. If there is too much information to sort through with a reasonable amount of time and manpower, it is likely that the monitoring software isn’t able to learn and/or your employees aren’t able to teach it to ignore common false positives.
Similarly, without a network monitoring solution in place, you may be shelling out cash for incident response or more expensive firewalls when a quality monitoring solution would be more suited to your needs.
3. You need to be immediately alerted to an intruder or malware on your network.
To achieve this, your network must be monitored 24/7/365, and all network activity must be logged (SIEM) so that attacks can be better detected and responded to.
(Related: Your team is not equipped to manage SIEM software.)
4. Your current cybersecurity solution isn’t doing enough to safeguard your greatest vulnerability: your employees.
Employee education and training programs should graduate employees who know what to do — and what not to do — when they receive an email with a link or attachment. A simulated phishing program can provide practice and expanded point-of-weakness training.
5. You are unable to customize your current solution to your company.
Symptoms of a lack of customization include exposed endpoints (mobile devices or website service, for example) or oversized or inadequately sized log storage, to name a few.
6-9. You aren’t sure who should have the final stamp of approval on your cybersecurity practices and policies. Plus:
- You desire more communication, clarity, and accountability from your team regarding cybersecurity matters.
- You want documented, company-wide cybersecurity policies informed by experienced professionals.
- You wish to develop a company-wide cybersecurity incident response plan.
If you identify with any of the above (#6-9), you may benefit from the availability and expertise of a highly skilled cybersecurity consulting body.
10. You have (or suspect you may have) experienced an unaddressed breach in the past.
As you learn more about cyber crime and how it works, you may wonder if your company data has already been exposed. A compromise security assessment can help answer your question and help you close any gaps that caused or could cause a breach.
11. You’re aware you need to verify the security of your vendors but aren’t sure how (other than taking their word for it).
Notable breaches caused by weak vendor security include Target (2013) and Netflix (2017). Vetting vendor security is vital, and for any company dealing with multiple supply chain vendors, managed security services with advanced threat detection are becoming the norm.
12. You’ve historically had trouble budgeting for, finding, and retaining high-quality IT staff.
Consider outsourcing cybersecurity so your business can have a dedicated team without the time and expense involved in recruiting.
You represent (or are a vendor for) an industry subject to state or federal compliance regulations and…
- You have not had a comprehensive evaluation of your security standing in the last 12-18 months.
- Your compliance task force has limited-to-no background in cybersecurity.
- You aren’t sure if your current I.T. security professionals have a solid grasp of your specific compliance regulations.
These are all solid signs that your cybersecurity solution needs to grow to satisfy your compliance demands before you experience a failed audit, fines, or a security incident.
Taking the Next Step
The first step is usually a cybersecurity risk assessment, which will give you insight into any potential vulnerabilities your company has and how to address them. Educating yourself about cyber security fundamentals and examining your options for outsourcing security services are also productive next steps.
Small to midsize businesses: Many private companies are examining an outsourced security monitoring solution as a cap on their cybersecurity fundamentals. Because the quality of outsourced security monitoring can vary, rate each of your prospective companies based on experience, expertise, and capabilities.
Large companies and corporations: You may have dedicated cybersecurity resources, but recruiting is slated to remain a challenge for the next 2 to 4 years. A cybersecurity assessment and consultation can help you begin forming a game plan for your perfect outsourced and in-house balance.
Email us your questions, comments, and feedback, and a security advisor will get back to you within one business day.