October 31, 2017 By Lucie Hys 5 min read

What have you learned during National Cybersecurity Awareness Month (NCSAM) that could help drive change in your organization? We’ve featured 22 tips so far, so there should be at least a few things for you to work on. Maybe your company needs to revamp its cybersecurity training or do a better job managing data. As with anything in life, there is always room for improvement, including your organization’s cybersecurity plans and processes.

Nine Lessons From Week Four of NCSAM

Check out our previous tips from week one, week two and week three of NCSAM to start putting together your to-do list. Below are nine more things to consider.

23. Test Your Incident Response Plan

Did you know organizations that are able to complete an investigation of a breach in 30 days or less save an average of nearly $1 million over those who don’t? If you don’t have incident management and response plans or have not been testing them, start ASAP. An effective incident response strategy requires intimate knowledge of the IT environment, thorough and regular testing, strong detection tools and comprehensive historical analysis.

If you could use help, reach out to the IBM X-Force team. The X-Force Incident Response and Intelligence Services (IRIS) team specializes in providing incident response planning, program development, response to critical breaches, remediation and threat intelligence to clients in over 133 countries.

24. Pay Attention to the Attacks That Can Surprise Your Organization

Having penetration testers assess your systems can provide a comprehensive and prioritized view of what should be done to best protect them from the growing number of cyberthreats. Once penetration testing has exposed the gaps in security, the testers can make recommendations on how to close them. Regular penetration testing should be carried out periodically, especially when new partners, technologies or tools are added to the mix.

The IBM X-Force Red team delivers a security testing program that focuses on management of vulnerability data, rapid testing of any target and analytics to help you rate your risk.

25. Supplement Your Threat Intelligence With Reliable External Feeds

Do your threat intelligence tools provide notifications for vulnerabilities, repositories for critical security research, programmatic access to threat intelligence, collaborative platforms for teaming and analysis of suspicious files? They should. If you are still looking for the right tool, consider IBM X-Force Exchange. This cloud-based, collaborative threat intelligence platform can help you research the latest global security threats, aggregate actionable intelligence and collaborate with peers to quickly identify external threats and act on them.

26. Run Regular Corporate Application Server Backups

Do you run regular corporate application server backups? Don’t assume — make sure. An effective backup strategy is one part of a larger incident response plan, which should be developed proactively.

27. Have a Sound Disaster Recovery Plan

If disaster strikes, what process or procedures is your company going to follow? You need a backup and recovery solution in place that protects your critical business data from all threats, whether it’s a file that was deleted accidentally or a complex service restoration that spans multiple clouds, geographies and platforms.

28. Conduct Business Continuity Testing on Your Plans and Policies

Capture the flag is a classic, but have you tried a security incident simulation? Bring your teams to IBM’s X-Force Command Center, where they can experience simulated security incidents in an airlocked cyber range. Gamification helps analysts stay sharp and offers a tangible way to understand how their contributions impact the organization’s security posture.

Listen to the podcast: The Value of Red on Blue Cyber Training

29. Adopt Industry-Recognized App Development Best Practices

According to Bugcrowd, 94 percent of chief information security officers (CISOs) are worried about application security tools. While it’s important to adopt industry-recognized app development best practices, companies also need to use web app vulnerability testing. Organizations must change the way they develop and deploy apps to ensure that testing, rather than time to market, is the ideal key performance indicator (KPI).

30. Encourage Easy and Prompt Reporting of Cybersecurity Incidents

Would your staff know what kind of incidents to report on and how? Make sure you have a clear and effective process in place for your employees to report cybersecurity incidents and stress the importance of doing so promptly. Prompt and detailed reporting can lead to early detection and prevent incidents from occurring.

31. Manage Personal Devices That Connect to Your Network

With bring-your-own-device (BYOD), attackers have literally been given millions of new entry points to the enterprise. Their challenge is in determining which ones to exploit. Make sure that all personal devices that connect to the organization’s network are registered and adhere to the organization’s security requirements.

A Final Thought

Cybersecurity is an ever-changing field with new and more treacherous traps being set as you read. The least you can do is to get the basics right. Once you have a solid foundation, don’t get comfortable. Security seems simple until the moment a cyberattack strikes. Needless to say, there is a tremendous risk and cost associated with those who wait for that moment.

Illustrations by Nathan Salla.

Listen to the podcast: NCSAM Insights From X-Force Red

 

More from Risk Management

What’s behind unchecked CVE proliferation, and what to do about it

4 min read - The volume of Common Vulnerabilities and Exposures (CVEs) has reached staggering levels, placing immense pressure on organizations' cyber defenses. According to SecurityScorecard, there were 29,000 vulnerabilities recorded in 2023, and by mid-2024, nearly 27,500 had already been identified.Meanwhile, Coalition's 2024 Cyber Threat Index forecasts that the total number of CVEs for 2024 will hit 34,888—a 25% increase compared to the previous year. This upward trend presents a significant challenge for organizations trying to manage vulnerabilities and mitigate potential exploits.What’s behind…

Addressing growing concerns about cybersecurity in manufacturing

4 min read - Manufacturing has become increasingly reliant on modern technology, including industrial control systems (ICS), Internet of Things (IoT) devices and operational technology (OT). While these innovations boost productivity and streamline operations, they’ve vastly expanded the cyberattack surface.According to the 2024 IBM Cost of a Data Breach report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the sector compared to 2023.Apparently, the data being stored in industrial control systems is…

Cybersecurity Awareness Month: Horror stories

4 min read - When it comes to cybersecurity, the question is when, not if, an organization will suffer a cyber incident. Even the most sophisticated security tools can’t withstand the biggest threat: human behavior.October is Cybersecurity Awareness Month, the time of year when we celebrate all things scary. So it seemed appropriate to ask cybersecurity professionals to share some of their most memorable and haunting cyber incidents. (Names and companies are anonymous to avoid any negative impact. Suffering a cyber incident is bad…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today