Digital Transformation

Protecting your Digital Business: A Cybersecurity Round up


What defines me? My name? Age? Choice of music? Biometric details? This information has become more valuable and vulnerable in a metaphysical world, especially when I have to trust strangers with the elements that define me.

According to the ITRC, 1862 cases of data breaches were reported in 2021, up by more than 68% from the previous year. So, either the cybercriminals are getting better, or organizations are not taking the necessary steps to protect user data. We could argue which is which, or look at a few best practices to safeguard your business

1. Access Control

Implement stringent processes to control who gets access to your systems and how they access the system. This list needs to be audited, reviewed, and updated frequently. Provide short-term access whenever possible based on PoLP. Don’t rely on passwords, use passphrases and MFA as a standard. Use IP safe-listing and VPNs for added security.

2. Firewall & Network Security

Investing in a good firewall solution is a must. All unnecessary services like RDP and ICMP should be disabled, and unnecessary IP/ports blocked. Most cloud providers offer inbuilt DDoS preventing and scrubbing services, but depending on the criticality of your data can employ an additional layer of security. Threat Detection and Response is another crucial service. There are ML-backed TDR solutions that can learn and improve their speed and accuracy over time.

3. Stay up-to-date

Use a hardened image to spin up servers to reduce the risk of any potentially exploitable vulnerabilities. Define a patching process taking into account the criticality of the system and the severity of the patch. Have an audit in place (automated if possible) to flag any system that does not comply with the patching process.

4. Protect your data

Make sure you only collect the data you need. When storing the data, use encryption to protect the data. You can find more information on data leakage and prevention here.

5. Security Audits & Compliance Checks

Perform compliance checks to confirm your systems comply with the latest security standards and security guidelines have been followed. Perform independent security audits to determine sufficient system controls, security policies, and procedures are defined to protect systems, detect breaches and provide countermeasures. Security Audits are necessary to understand your strengths and weaknesses accurately.

6. Penetration Testing & Vulnerability Assessment

Invest in a vulnerability assessment tool and make it part of your CI/CD pipeline. You can run VA tools frequently, while penetration testing can happen quarterly (at least).

7. Red Team Exercises

Red Teams simulate external offensive forces toward your systems. You can employ Blue Teams to counter the incoming Red Team offenses to evaluate how ready your IT systems are for cyber attacks.

8. Crown Jewels

In cybersecurity, crown jewels are mission-critical assets. You need to identify what are the crown jewels of your IT ecosystem. Additional layers of security should be in place to protect the crown jewel assets. A clearly defined process should be in place to deal with a breach of a crown jewel asset.

9. Responsible Disclosure

Have a process set up for security researchers to report any vulnerabilities on your systems to your teams. Having a responsible disclosure clause on your website means you are open to fixing your mistakes and becoming better.

10. Bug bounty programs

Bug bounty programs allow ethical hackers to test your systems and expose vulnerabilities, allowing you to patch your systems before external offensive hackers find any loopholes. Some organizations can run successful bug bounty programs on behalf of your organization.

11. Cyber Insurance

Hope for the best and be prepared for the worst. Although you follow the best practices, a breach could happen. Cyber insurance will give you financial assurance in a situation where you will have to pay users for liabilities.

A data breach is an unpleasant situation to deal with as an organization and even more devastating for the users whose data would be exposed. Therefore, it is better to take every possible precaution before it’s too late.

Written by:

Charith De Silva

Chief Architect, Fortude