Five concrete steps to mitigate your cyber risks
BPM Ukraine Alert
The conflict in Ukraine is being fought on many fronts and is creating significant risks that are affecting the entire world. BPM has identified several key areas in cybersecurity that you and your business need to know about to navigate the crisis.
Getting caught Up in global cyber conflict – what you and your business need to know
As Russia’s invasion of Ukraine continues, the U.S. Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings about potential increases in cyberattacks. Many organizations around the world are at risk, including companies that indirectly or directly support the critical financial infrastructure of our nation, such as financial services firms.
In addition to the usual broad directives issued by DHS and CISA, the cybersecurity experts at BPM recommend organizations take the following five concrete steps to mitigate their cyber risks:
- Strengthen inbound email defenses. A large percentage of malicious payloads enter company networks via inbound email attachments and links. Ratcheting up email filtering can mitigate this common attack vector.
- Implement strong Multi-Factor Authentication (MFA) and related remote access controls. Contrary to popular belief, MFA is both cheap and easy. It is critical to enhance your strong MFA with additional controls, such as geo-fencing (to restrict certain foreign IP addresses) and certificates (to validate trusted computers that remotely access your systems).
- Provide repeated detailed training for all team members – including contractors and remote workers – to manage today’s threat landscape. Be sure to include training for email, phone, text and in-person social engineering attacks. If you don’t have a formal program that ensures everyone is aware of threats and knows how to comply with your data security protocols, you need to create one immediately.
- Thoroughly test controls through detailed protocols that cover topics like email, MFA and social engineering to get an accurate picture of your organization’s security posture. Only by knowing where hackers are most likely to exploit your company can you answer the question, “What should we be doing about cybersecurity”
- Have a response plan in place. Breaches will happen, which is why having a documented security program is important – and having a well-documented incident response plan is essential. Know what to do when a breach happens. There should be communications strategies, isolated backups, and pre-configured administrative computers in place before there is a problem.
Please reach out to our BPM cybersecurity assessment team with questions or comments. Security is everyone’s responsibility, and the current situation in Eastern Europe is raising the stakes for companies around the world.