What should regular businesses do?
The same kind of proactive approach outlined above applies to regular businesses too. In order to do this successfully, however, they need to establish a baseline to work from. That’s why it’s so important they start monitoring their network even before they suspect foul play.
All of this contributes to a form of security intelligence that can help businesses diagnose problems, identify threats, and triage their response. Known safe applications can be whitelisted, logins from unusual IP addresses can be investigated, and lateral movement becomes easier to identify.
Here are four simple steps toward better cybersecurity hygiene that businesses can take today to minimize the impact of cyber warfare:
1. Create a baseline of activity
Businesses should have enough visibility over their network to know what normal looks like in terms of data flows and traffic patterns. Forming this baseline will be critical when it comes to spotting any anomalies that might warrant investigation.
2. Log, log, log
Businesses should start logging activity at their points of ingress and egress, generating information that can be pulled at a moment’s notice to uncover any unusual activity. Logging isn’t as thorough as it could be in the vast majority of businesses, and for those businesses that don’t log at all, there’s no time like the present.
3. Don’t just look out over the fence
If a business is impacted by a nation-state attack, the overwhelming likelihood is that the threat will have been lying dormant on the network for a while before it lands the final blow. Instead of looking outward for incoming attacks, businesses should keep one eye on their own network, looking for anything out of the ordinary so that any breach can be dealt with before it becomes serious.
4. Keep a playbook in place
Prevention is better than the cure, but it’s almost inevitable these days that your business will, at some point, become the victim of an attack or experience a breach. Once that happens, it’s done, and there’s no point in dwelling on it for too long. What matters is how you deal with it. Having a coordinated organization-wide response is critical when it comes to mitigating the potential damage that a breach can cause.
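Steps 1 to 3 fit together as a single loop: learn what normal looks like from logs, then compare each new day against it. The Python below is an added example, not code from the original article; the record layout, user and host names, and the three-sigma threshold with a 10% floor are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed records, not real logs: (day, user, source_ip, host, egress_bytes)
BASELINE = [
    ("d1", "alice", "198.51.100.10", "web01", 1000),
    ("d1", "bob",   "198.51.100.20", "db01",   500),
    ("d2", "alice", "198.51.100.10", "web01", 1200),
    ("d2", "bob",   "198.51.100.20", "db01",   450),
    ("d3", "alice", "198.51.100.11", "web01", 1100),
    ("d3", "bob",   "198.51.100.20", "db01",   550),
]
TODAY = [
    ("d4", "alice", "198.51.100.10", "web01", 1150),
    ("d4", "bob",   "203.0.113.77",  "db01",   480),
    ("d4", "alice", "198.51.100.10", "db01",  9000),
]

def build_baseline(records):
    """Learn each user's usual source IPs and hosts, and each host's daily egress."""
    ips, hosts = defaultdict(set), defaultdict(set)
    daily = defaultdict(lambda: defaultdict(int))
    for day, user, ip, host, nbytes in records:
        ips[user].add(ip)
        hosts[user].add(host)
        daily[host][day] += nbytes
    egress = {h: (mean(d.values()), pstdev(d.values())) for h, d in daily.items()}
    return ips, hosts, egress

def find_anomalies(day_records, ips, hosts, egress, sigmas=3.0):
    """Compare one day's records with the baseline and return alerts to triage."""
    alerts, totals = [], defaultdict(int)
    for _day, user, ip, host, nbytes in day_records:
        if ip not in ips.get(user, ()):
            alerts.append(("new_source_ip", user, ip))
        if host not in hosts.get(user, ()):
            alerts.append(("new_host_for_user", user, host))
        totals[host] += nbytes
    for host, total in totals.items():
        if host not in egress:
            alerts.append(("unbaselined_host", host, total))
            continue
        avg, sd = egress[host]
        # Floor the spread at 10% of the mean so a flat baseline tolerates small noise.
        if total > avg + sigmas * max(sd, 0.1 * avg):
            alerts.append(("egress_spike", host, total))
    return alerts

if __name__ == "__main__":
    for alert in find_anomalies(TODAY, *build_baseline(BASELINE)):
        print(alert)
```

On the constructed data, the unfamiliar source IP for one account, a user touching a host outside their usual set, and the jump in outbound volume from that host each produce an alert, which is the raw material for the investigation and triage described above.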
Unfortunately, cyber warfare is a moving picture with almost daily developments. To learn more about the risks it poses to your business and how you can leverage automation to increase your security posture, listen to our Cyber Warfare webinar here.