Part 1 of a 3 Part Series on Cyber Security
Have you renewed your business insurance lately?
Over the last couple of years, an increasing number of businesses have been hacked. Hackers are exploiting flaws in software that is commonly used such as “Solarwinds” and “Kaseya” to access business networks and steal data, encrypt servers, and disrupt business for profit.
The resulting insurance payouts have forced Insurance companies to make it harder for business customers to get insurance.
Unfortunately, most companies don’t implement proper security until after they’re breached and then most don’t upgrade their security or revisit their security policies and practices until they’ve been breached a second time!
Customers we work with that have had a cyber claim are expected to implement the following three practices.
1) Multifactor authentication (MFA or 2FA).
Multifactor authentication (or two factor authentication) means requiring a secondary simultaneous logon method. For most users this means receiving a text message containing a code number on their cell phone and typing it into a website or application to verify their identity. MFA or 2FA can also mean using a figurer print reader, or a secure physical token that you must plug into the computer to enable access.
2) EDR – Endpoint Detection and Response.
EDR detect suspicious behaviour by having humans and AI look for custom scripts and pre-emptively deploying fixes. At the time of writing a major flaw in the Log4j library is actively being exploited. EDR allows attacks to be blocked before patches can be applied keeping organizations safe from exploits.
3) Training
Insurance companies are for the first-time asking companies to proactively train all employees against threats and to run breach tests to identify which employees need further training. In a breach test, multiple fake, “spoofed,” or “phishing” emails are sent to employees and the employees that click links during the test period that could be malicious are provided with individual training on how to recognize and react to common attack methods.
Are you going to wait until your system is breached?
Our goal is to give you questions to ask before you ask us to negotiate with hackers or help you recover locked systems.
QUICK FACT: Insurance companies will no longer cover companies using Microsoft Remote Desktop (Terminal Server) over public internet.
There are between 20,000 and 30,000 cyber attacks on Terminal Server EVERY DAY!
To see more, check out this link: https://rdp.exposed/