Fending Off Cyber Attacks
At a time when most business is done on computers, not paper, and so much private information is stored in organizational networks, it is important to ensure that security within an organization is of high quality. You don’t want to leave yourself, customers, or even other companies vulnerable to cyber attacks that could cause major damage.
In a recent podcast on the Journal of Accountancy, cyber-security expert Mike Foster discusses steps that organizations can take to improve their cyber protection. Some of the key take-aways from the podcast include:
Why Keeping Security Patches Up-to-date is Important
Security patches are a great thing, but they also can be used to attack organizations that are slow to install them. Mike suggests these three steps for IT departments to follow when a new patch is released:
- Test the patches in a quality assurance environment to ensure the patch will not cause any unexpected breaks
- Practice uninstalling the patch in case breaks occur in the future, so that the IT department will be able to quickly uninstall the patch to limit the number of breaks
- Finally, once the first two steps are complete, do a staged roll-out, instead of all at once; this will minimize damage if anything goes wrong
However, Mike warns about dragging the process out for too long, because attackers like to use these patches to prey upon organizations who delay in installation. Mike talks about three important days of the month for attackers:
- Patch Tuesday – Many companies, such as Microsoft, release patch updates on the second Tuesday of every month
- Disassembly Wednesday – On this day, attackers will take apart the patches to see what holes the patches fix
- Exploit Thursday – By Thursday, the attackers will know where the holes are in the old software, so any organizations that haven’t installed the update will be susceptible to attacks
How to check the quality of your third-party IT provider
Many firms choose to hire a third-party IT provider, but checks should still be done to ensure they are taking the steps to secure information. Organizations often hire auditors to check on their third-party providers, who find issues including but not limited to:
- The third-party provider does not install patch updates in a timely manner
- If the third party is a managed service provider, they are not incentivized to install the updates, because they can cause breaks which hurts their client, and breaks cause them even more work
- The third party sometimes has weak security for their own network, leaving all of their clients in danger
Are smaller firms at a lower risk?
Many small firms believe they are safe because they don’t have vital information to steal, but attackers aren’t always looking to stealing information from the networks they attack. Mike discusses why, even as a small firm, being protected is important for you and for others, because:
- Access to a small organizations network, can be used to gain access to other networks
- Stolen information could be stored on a small organizations network, because the attackers don’t want the stolen information left on their computers
- Perhaps most importantly, reputations can be hurt. No company wants to have to announce to the public that they have been breached.
Lastly, Mike also discusses the importance of using application whitelisting, limiting user permissions, and installing the four critical security patches. If you would like to learn more to see if your organization is taking all the right precautions, follow the link to listen to the podcast: https://www.journalofaccountancy.com/podcast/how-to-fend-off-cyberattacks.html