Bolster Your Organization’s Cybersecurity By Prioritizing Cyber Hygiene

June 11, 2019

On May 14, 2019, Microsoft released a patch for some of its legacy systems (e.g. Windows 2003, Windows 7, XP, and Server 2008) for a vulnerability found in the remote desktop protocol (RDP). The vulnerability, known as BlueKeep, allows hackers to gain remote access without authorization and send requests through the RDP, which can proliferate like a malware infection to all vulnerable computers on the network.

Patching is a critical aspect of cyber hygiene, especially if your organization uses legacy systems. Yet, reports suggest that nearly 1 million computers connected to the Internet may still be vulnerable to BlueKeep. Microsoft is urging enterprises to patch their systems as soon as possible if they haven’t done so.

One question all businesses need to ask themselves: how are we prioritizing cyber hygiene? After all, the strength of an organization’s cyber hygiene relies on the internal practices implemented in order to protect its data from cyber threats.

Here are some key ways you can improve your organization’s cybersecurity hygiene:

• Keep up-to-date on all the latest patches. This is perhaps the most important way to remedy any found vulnerabilities that may be exploited.
• Segment your internal corporate networks to better isolate any malware infections that may arise.
• Conduct regular social engineering tests against your employees to actively demonstrate where improvements need to be. 
• Conduct regular network penetration tests to identify flaws and vulnerabilities in your corporate networks. If you don't have the talent in-house, employ a third-party security firm to do so.
• Build security awareness training modules to teach employees how to spot common phishing emails or business-related scams that hackers may use.
• Know what your crown jewels are. What are the most important data points integral to your business and how do they need to be protected? Even when digital services are temporarily unavailable, how will you continue to provide essential services to your customers?
• Implement the right tools, processes, and technology – based on the needs of your organization. There is no one-size-fits-all solution when it comes to cybersecurity.
• Stay ahead of the curve by subscribing to cybersecurity news, industry updates, and threat advisories. Subscribe to the US-CERT or to Herjavec Group’s Threat Advisory communications.

While many organizations look to employ external solutions to protect their data, they often skip over the internal practices needed for cyber defense.

Learn more about Herjavec Group’s Advisory Services to help bolster your organization’s cyber hygiene practices.