The holiday rush is upon us, and so is the risk of cyberattack. Threat actors often get to work during the holidays. IT staff is heading out for vacation, and everyone is in a hurry. This means we might skimp on security. Still, there are some holiday cybersecurity tips that will help make the season go smoothly.

End of Year and Christmas Cyberattacks

During the holidays, online activity ramps up a lot. Deloitte forecasts that e-commerce sales will grow by 11-15% year-over-year. This will likely result in e-commerce holiday sales reaching between $210 billion and $218 billion this season. And all that bustling around digital stores creates openings for threat actors.

Earlier this year, the Cybersecurity and Infrastructure Security Agency (CISA) sent out an alert concerning ransomware awareness for holidays and weekends. Obviously, you can’t overhaul your entire cyber defense strategy before the end of the year. But some useful holiday cybersecurity tips can make a difference. First, let’s explore tactics you can implement now. Then, we’ll look at big picture perspectives to improve your long-term cybersecurity.

Holiday Cybersecurity Tips for Right Now

Here are actions you can execute right away to beef up your cybersecurity during the high-risk holiday season.

Tip 1: Be Extra Cautious With Email

Distraction is the cyber criminal’s best friend. It’s best to use work PCs only for work: no online shopping or personal email. This applies to remote work as well. If employees toggle back and forth between work and gift buying, the risk of clicking on a malicious link increases. If a great shopping deal suddenly appears in their browser, they might click before thinking twice.

Credential phishing and ransomware attacks tend to rise during the holidays. Everyone should be extra careful about any email promoting special holiday offers and deals. These attacks are highly refined, with the look and feel of an authentic email from big-name brands.

Bogus emails with a malicious link or attachment could quickly unleash ransomware into your network. Phishing attacks can also be sent via SMS, instant messaging and social networks.

Alert your staff about these risks. Remind them to carefully scrutinize any email that contains links or asks them to download anything.

Tip 2: On-Call IT Security Staff

With IT staff on vacation, fewer eyeballs are on screens to keep track of issues. If you find your site down during the holiday break, do you have a backup plan in place?

At a minimum, who gets called in the event of an after-hours emergency? While this may not prevent an attack, it pays to have IT security staff on call in the event an incident occurs.

Tip 3: Threat Hunting

The FBI and CISA encourage businesses and agencies to engage in preemptive threat hunting. This involves searching for signs of malicious movement to stop attacks or reduce damage after a successful breach.

Threat actors can remain hidden in your network long before anyone detects them. Unseen for months, they can steal large amounts of data. After they take sensitive data, threat actors can then encrypt critical files to be later held for ransom.

In the near term, review your data logs and scan for suspicious activity. If possible, check for repeated failed file modifications, increased CPU/disk activity, inability to access files and abnormal network communications.

CISA also says to watch out for the following when threat hunting:

  • Unusual inbound and outbound network traffic
  • Unauthorized escalation of account permissions
  • Substantial increase in database read volume
  • People logging in or accessing systems from outside their usual location
  • User activity or attempted login during odd times
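
As an added illustration (not part of the original article), the sketch below applies two of the indicators above, logins from outside a user's usual location and activity at odd times, to authentication events. The log format, the sample events, the user names and the working-hours window are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events: timestamp, user, source country, result.
BASELINE = """\
2023-12-04T09:12:00 alice US success
2023-12-05T10:03:00 alice US success
2023-12-04T13:30:00 bob DE success
2023-12-05T14:10:00 bob DE success
"""
HOLIDAY = """\
2023-12-24T03:14:00 alice US success
2023-12-24T11:20:00 bob DE success
2023-12-25T02:40:00 bob BR failure
2023-12-25T09:05:00 carol US success
"""
WORK_HOURS = range(7, 20)  # assumed normal login hours: 07:00-19:59

def parse(log):
    """Yield (datetime, user, country, result) per log line."""
    for line in log.splitlines():
        ts, user, country, result = line.split()
        yield datetime.fromisoformat(ts), user, country, result

def build_baseline(log):
    """Map each user to the countries of their successful baseline logins."""
    seen = defaultdict(set)
    for _, user, country, result in parse(log):
        if result == "success":
            seen[user].add(country)
    return seen

def hunt(log, baseline):
    """Return (timestamp, user, reasons) for each event that deviates."""
    findings = []
    for ts, user, country, _ in parse(log):
        reasons = []
        if user not in baseline:
            reasons.append("no baseline for user")
        elif country not in baseline[user]:
            reasons.append(f"new location {country}")
        if ts.hour not in WORK_HOURS:
            reasons.append(f"odd hour {ts:%H:%M}")
        if reasons:
            findings.append((ts.isoformat(), user, reasons))
    return findings

if __name__ == "__main__":
    for finding in hunt(HOLIDAY, build_baseline(BASELINE)):
        print(finding)
```

Failed attempts are checked as well as successful ones, so an attempted login from a new location during the break is surfaced even though it did not succeed.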

Holiday Cybersecurity Tips for the Long Term

When you return from the holidays, these actions will substantially improve your overall security. Don’t put them off until it’s too late.

Tip 4: Set Up Offline Data Backup

Ransomware attacks encrypt critical data files so you can’t access them. Even if you pay the ransom, there’s no guarantee the attackers will decrypt your files. It’s important to have an offline data backup of your most important files.

Resist the temptation to have your backup located somewhere else on your network. Many ransomware variants will seek and delete or encrypt accessible backups. Consider scheduling your backup update and testing to be completed before the holidays every year.

Tip 5: Update, Scan & Patch Software

When it comes to software and applications, it’s important to install the latest updates. Threat actors are always on the lookout for newly discovered vulnerabilities to exploit. If you have outdated (end-of-life) software, you could be exposed to weaknesses for which no update is available.

It pays to develop an unpatched vulnerability plan, which begins with risk prioritization. Vulnerability assessment and scanning may reveal thousands of weak spots, but you can’t fix them all at once. Instead, you should focus on the ones near mission-critical systems and internet-facing servers. A centralized patch management system with risk-based assessment is critical to creating an effective and efficient patch strategy.

Finally, complete scheduled vulnerability testing to make sure your patches are working and to scan for new weak spots.

Tip 6: Implement Identity & Access Management

The who, what, where and when of user access to networks is the essence of identity and access management (IAM). At a minimum, IAM keeps track of logins and permissions, but there’s so much more to it. For example, how do you manage access for employees, customers and partners all at the same time? Plus, the level of access for each employee may vary depending on their jobs, which adds to the complexity.

With the help of artificial intelligence, IAM enables you to monitor and manage your entire user access ecosystem. Through context-based analytics, IT security teams have more precise control and insight into who’s logging in where, and when. This enables the rapid detection of anomalies without having to deploy cumbersome or strict access policies for every single user.

Tip 7: Secure Your Networks

Another threat mitigation tactic CISA suggests is to secure your network(s). You can start with multilayered network segmentation. With this method, the most critical messages occupy the most secure and reliable layer.

You can also protect network traffic flow by filtering out malicious IP addresses. Likewise, you can prevent users from accessing malicious websites with URL block-lists and/or allow-lists. Finally, scan your network for open and listening ports and close any unneeded ports.
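
As an added illustration of the last step (not part of the original article), the sketch below audits a host's own listening TCP ports against an approved list, using the output of the Linux command `ss -H -tln`. The sample output and the allow-list are constructed assumptions; on a real host you would feed in the command's actual output.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output; not taken from a real host.
SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
LISTEN 0      244        127.0.0.1:5432       0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*
LISTEN 0      4096            [::]:8080          [::]:*
LISTEN 0      128                *:23               *:*
"""

APPROVED_PORTS = {22, 443}  # assumed allow-list for this host


def listeners(ss_text):
    """Yield (address, port) for each LISTEN row."""
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        yield addr, int(port)


def is_loopback(addr):
    """True if the socket is bound to a loopback address only."""
    host = addr.strip("[]").split("%")[0]  # drop brackets and %iface scope
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # "*" means all addresses
        return False


def unneeded(ss_text, approved=APPROVED_PORTS):
    """Return sorted (port, address) pairs reachable off-host and not approved."""
    return sorted(
        (port, addr)
        for addr, port in listeners(ss_text)
        if not is_loopback(addr) and port not in approved
    )


if __name__ == "__main__":
    for port, addr in unneeded(SS_OUTPUT):
        print(f"review listener on {addr}:{port}")
```

Listeners bound only to loopback are skipped because they are not reachable from the network; everything else that is not on the approved list is a candidate for closing.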

Threat Management Is Year-Round

Threat management isn’t just a holiday thing. Your organization needs to protect critical assets and manage full threat life cycles. An intelligent, integrated and unified approach can help you detect advanced threats, respond quickly with precision and recover faster from disruption.
