Nonprofit Resources

print

Cybersecurity Month: Cybersecurity Benefits Everyone

print
October is National Cybersecurity Awareness Month. Each week, we’ll provide information and tips to help increase your cybersecurity awareness and reduce the cyber risk for you and your organization.

CYBERSECURITY BENEFITS EVERYONE

The Department of Homeland Security’s theme this week is “Safeguarding the Nation’s Critical Infrastructure.” This infrastructure, which includes the electrical grid, transportation systems, and more, runs on the Internet. That means that taking steps to protect your organization’s network and data can also help protect the important systems that enable us to live our daily lives.

Here are some considerations and tips to help.

Keep systems clean.
  • Create and maintain a complete inventory of all servers, computers, mobile devices, firewalls, routers, switches, peripherals, and Internet-connected devices owned by your organization, including devices that are no longer in use.
  • Make sure someone in your organization is responsible for ongoing monitoring of your systems, including areas such as:
    • Virus protection
    • Patching of operating systems and applications (e.g., Java, Adobe Flash)
    • Successful backup of all systems and data
    • Confidential information in email
    • Firewall and event logs
    • Rogue applications
    • Removal of data from your internal network through methods such as email, cloud services, mobile devices, and USB drives
  • Implement a zero-day vulnerability plan to help your organization respond quickly and effectively to new threats.
Protect access to your network and critical applications.
  • Use 24/7 perimeter monitoring. An intrusion detection system can provide around-the-clock monitoring for intrusions. Set a process for who will be notified, and how, to ensure that suspicious activity is addressed quickly.
  • Establish a strong user administration process to limit access to sensitive data and systems.
  • Add an extra layer of security through multi-factor authentication for network logins, email, cloud services, and financial accounts. That way, even if a hacker has a username or password, they still won’t be able to log in. Learn more and access authentication resources at this Lock Down Your Login page.
  • Secure your organization’s Wi-Fi network, including guest access. A hacker who gains access to your network through Wi-Fi will be able to access all devices connected to the network. Change the factory-set default password and username on routers, and set controls for and monitor use of the Wi-Fi network.
Keep cybersecurity a top priority.
  • Remember that all organizations, of all sizes, are at risk of a cyber attack.
  • Devote separate resources to the IT and IS functions in your organization. Both have a vital role to play in supporting your technology environment in a secure and controlled manner.
  • Create an appropriate accountability structure within your organization to ensure issues are addressed quickly and adequately.
  • Consider independent testing, such as a Cyber Checkup or Cybersecurity Assessment. You can’t mitigate risks if you don’t know what they are. Periodic independent testing will help identify your organization’s existing risks.
  • Implement an incident response plan that details how your organization will react and respond to a breach or other cyber event.

 


DID YOU KNOW?
According to Ponemon Institute’s 2018 Cost of Data Breach Study, it takes organizations an average of 197 days to identify a data breach and 69 days to contain it.

 

Access more cybersecurity articles and blog posts here.

Leave a Comment