4 Steps to Take to Avoid a Cybersecurity Breach or Compromise

March 1, 2018 Eric Dosal


There’s an old saying, “an ounce of prevention is worth a pound of cure.” However, in cybersecurity, the saying should really be: “an ounce of prevention is worth a metric ton of cure.” According to statistics cited by IBM, the global average cost of a data breach in 2017 was $3.62 million, and the average cost of each lost or stolen record was $141. It was noted in the study that while these costs were down from previous years, “The average size of the data breaches in this research increased 1.8 percent to more than 24,000 records.”

Given that cyberattacks are only becoming more frequent and sophisticated over time, many companies are being forced to ask: “Just how can my company avoid a cybersecurity breach/compromise?”

The sad fact is that no amount of defense will prevent 100% of all attacks. However, companies can significantly minimize their data breach or compromise risks by taking a few precautions:

1) Creating a Strong Password Policy

Many companies could stand to enforce a few basic password policies to protect the user accounts of their employees. Under no circumstances should employees be using easy-to-guess passwords for their company network user accounts.

What makes a password easy to guess? There are a few basic things, such as using:

  1. Simple sequences like “1234” or “qwerty;”
  2. Names of pets or family members;
  3. Any basic word in the dictionary; and
  4. Personally-identifiable information like birth date, anniversary date, etc.

These weak passwords are all too easy to crack with simple guesswork. Ideally, to keep passwords strong, consider applying a few basic requirements to employee password creation, such as:

  • Minimum password lengths of at least 8 characters;
  • Using phrases instead of individual words;
  • Mandating the use of special characters (such as $, ^, @, &, ∫, *, etc.) and numbers in passwords to replace letters; and
  • Requiring both uppercase and lowercase letters.

Applying these rules to passwords can make them harder to guess. For example, which is more likely to be guessed: “Bill1234” or “Th3 R!ght St4ff 00 *%?” Odds are, the second one will be tougher to crack while still being easy to remember.

Why not a random character string like “234XhW10mdHz76*^jqW987?” Because that random alphanumeric string, while virtually impossible for a person to guess, is also too hard for most people to remember. This could lead to people recording their password in a separate place for easy retrieval, which also means it could be easier to copy or steal the password. A password that people can keep in their heads is one that they’re less likely to accidentally share.

Making passwords that are harder to crack is a key part of preventing user accounts from getting hijacked for an attack that could compromise your cybersecurity.
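The rules in this section can be enforced at password-creation time. The following check is an added example, not code from the original article: it combines the composition requirements with the "easy to guess" tests, and shows why “Bill1234” fails even though it meets the length, case, and number rules. The word list, the `personal_terms` parameter, and the function names are assumptions made for illustration.

```python
import re

# Constructed sample data (assumption): a real deployment would load a large
# dictionary and a breached-password list instead of this tiny set.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein"}
SEQUENCES = ("0123456789", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm")

def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive characters of a known
    numeric, alphabetic, or keyboard-row sequence (forwards or reversed)."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            for i in range(len(s) - run + 1):
                if s[i:i + run] in low:
                    return True
    return False

def check_password(pw, personal_terms=()):
    """Return a list of policy violations; an empty list means it passes."""
    problems = []
    low = pw.lower()
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if not re.search(r"[a-z]", pw) or not re.search(r"[A-Z]", pw):
        problems.append("needs both uppercase and lowercase letters")
    if not re.search(r"\d", pw):
        problems.append("needs a number")
    if not re.search(r"[^A-Za-z0-9\s]", pw):
        problems.append("needs a special character")
    if has_sequence(pw):
        problems.append("contains a simple sequence")
    # Strip digits and symbols so "Password1!" is still seen as a dictionary word.
    if re.sub(r"[^a-z]", "", low) in COMMON_WORDS:
        problems.append("is a dictionary word with decoration")
    # personal_terms: names, pet names, dates known for this user (hypothetical input).
    for term in personal_terms:
        if term and term.lower() in low:
            problems.append(f"contains personal information ({term!r})")
    return problems

if __name__ == "__main__":
    for pw in ("Bill1234", "Th3 R!ght St4ff 00 *%", "Password1!"):
        print(pw, "->", check_password(pw, personal_terms=("Bill",)) or "OK")
```
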

2) Adding Multi-Factor Authentication

Multi-factor authentication (a.k.a. multifactor authentication or MFA) is a powerful tool for preventing the illicit use of a user account. With MFA, access attempts are verified using multiple criteria beyond just a password, including:

  • Biometric data (voiceprint/fingerprint recognition)
  • Authentication tokens (one-use secondary passcodes and physical devices)
  • Device recognition (checking access attempts are coming from an authorized device)

The more factors you can add to your authentication process, the less likely it is that an attacker will be able to simply guess/steal a user’s password to bypass your network security.

However, when considering MFA, it’s also important to think about how easy the system is to use. Complicated MFA setups that aren’t user-friendly can cause inefficiencies and delays—or even make users avoid the systems that require multi-factor authentication to access.

3) Creating an Incident Response Team

It may sound odd to think of an incident response team as a method of preventing breaches. After all, their purpose is to handle your response to a breach that has occurred. But an incident response team does more than just handle the immediate post-breach detection, containment, and elimination. The response team also handles the investigation into the cause of the breach.

Knowing the cause of a breach allows you to close that gap in your security—leaving you better prepared for future attacks.

Creating an internal team for handling your response to incidents can be a slow and expensive process. However, there is also the option to acquire an external team through a third party cybersecurity solutions provider. By contracting a third party, you can get near-instant access to experienced cybersecurity professionals for a fraction of the cost of hiring a dedicated, full-time internal team.

One note: When creating an incident response team, it is important to make sure that they have the right tools in place to allow them to identify and forensically examine network security breaches—such as intrusion detection systems (IDSs) that can log intrusion attempts and their methodologies.

4) Keep Your Security Patches Up to Date!

Everybody fears the dreaded “zero day” attack—those vulnerabilities in their systems that nobody yet knows about. Yet, the vast majority of data breaches occur because of well-known vulnerabilities that go unpatched. In fact, as noted by CSO Online, “a little less than 1 percent” of the unique vulnerabilities exploited in 2015 were classified as “zero day.”

Basically, this means that 99% of the attacks that occurred that year could have been stopped if the targeted systems had the appropriate security patches.

Keeping up to date with all of the security patches for your company’s IT assets can be an enormous challenge. However, the cost of not patching is far too great to ignore this basic and necessary cybersecurity breach prevention strategy.

These are just a few of the basic things that your company can do to prevent a cybersecurity breach. Need help setting up a cybersecurity strategy for your business? Contact Compuquip Cybersecurity for more cybersecurity help and advice.
