Five Steps to a Better Cyber Security Program

Cyber attacks sap the vitality of any firm. They cause direct losses and make the business susceptible to regulatory penalties. Worse, they damage the reputation of the business among customers and other stakeholders. Tending to the aftermath of a cyber attack is a major disruption that takes focus away from the business. But cyber attacks are not going away anytime soon. Cyber threats are evolving on an unprecedented scale, increasing in volume as well as intensity. The only option before enterprises is to take adequate measures and remain prepared.

1. Anti-malware and Firewall 

A modern corporate-grade anti-malware suite is basic protection and a must-have for any enterprise. 

Despite the emergence of new deadly attacks, malware infection remains the most common cyber attack. But the traditional method of identifying malware through signature scanning has become ineffective. Cybercriminals now churn out new malware faster than cyber researchers can update virus registries. Modern anti-malware or antivirus suites perform behavioural scans and trigger alerts at the slightest trace of suspicious activity.

A good firewall is an added layer of protection. It acts as a filter, preventing the entry of the malware in the first place. However: 

  • A firewall is only as good as its configuration. Keep the rule base simple to reduce complexity and load on the firewall.
  • Firewalls themselves are susceptible to hacking. Disallow communication flow between the firewall and unauthorized sources. Run firewall vulnerability scans.
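
One way to keep a rule base simple is to audit it for rules that can never fire. The sketch below is an added example, not part of the original article or any firewall vendor's tooling; it assumes a first-match rule base, and the `Rule` fields and the sample rules are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    src: str              # source CIDR
    dst: str              # destination CIDR
    port: Optional[int]   # destination port; None means any port
    action: str           # "allow" or "deny"

def covers(a: Rule, b: Rule) -> bool:
    """True when every packet matching b also matches a."""
    src_ok = ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
    dst_ok = ipaddress.ip_network(b.dst).subnet_of(ipaddress.ip_network(a.dst))
    port_ok = a.port is None or a.port == b.port
    return src_ok and dst_ok and port_ok

def audit(rules):
    """Return (rule name, finding) pairs for a first-match rule base."""
    findings = []
    for i, rule in enumerate(rules):
        if (rule.action == "allow" and rule.port is None
                and rule.src == "0.0.0.0/0" and rule.dst == "0.0.0.0/0"):
            findings.append((rule.name, "allows any source to any destination"))
        for earlier in rules[:i]:
            # Only full coverage by one earlier rule is detected, not by a union of rules.
            if covers(earlier, rule):
                kind = "redundant" if earlier.action == rule.action else "contradicted"
                findings.append((rule.name, f"{kind}: never reached, shadowed by {earlier.name}"))
                break
    return findings

# Constructed rule base, evaluated top to bottom; first match wins.
RULES = [
    Rule("web-in", "0.0.0.0/0", "10.0.1.0/24", 443, "allow"),
    Rule("admin-ssh", "10.0.9.0/24", "10.0.1.0/24", 22, "allow"),
    Rule("block-guest", "10.0.50.0/24", "10.0.1.0/24", None, "deny"),
    Rule("web-in-dup", "192.0.2.0/24", "10.0.1.10/32", 443, "allow"),
    Rule("guest-ssh", "10.0.50.0/24", "10.0.1.5/32", 22, "allow"),
    Rule("temp-debug", "0.0.0.0/0", "0.0.0.0/0", None, "allow"),
]

if __name__ == "__main__":
    for name, finding in audit(RULES):
        print(f"{name}: {finding}")
```

A "contradicted" finding deserves the closest look: the rule's author intended one outcome and the firewall delivers the opposite.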

The problem may not be a lack of security software, but rather too many tools and a lack of effective coordination between them. Sync all the available security software to work in unison.

2. Encryption

Anti-malware suites and firewalls offer only a basic level of protection. A determined attacker can get past firewalls and hoodwink antivirus suites. 

Many cyber experts regard encryption as the Holy Grail of network security. Encryption converts readable text into gibberish, making it useless to anyone who happens to get their hands on it. The encryption key, available with the owner of the data, converts the gibberish back to the readable text when needed. 

There are some caveats though:

  • Keep the encryption key safe from the hackers in the first place. This means storing the encryption key in a secure place, separate from the data.
  • Encryption comes at different levels, depending on the strength of the encryption keys. A determined cyber attacker could very well hack a weak encryption key. Steer clear of older encryption algorithms such as DES (Data Encryption Standard). The AES (Advanced Encryption Standard) is a stronger option now. Longer encryption keys are safer for the same reason. AES 128 is strong. AES 512 is even stronger. 
  • Encryption is resource-intensive. As such, encrypt only sensitive and important data. Understand what is sensitive and what is not. Always encrypt employee information, customer personal details, financial data, and intellectual property. 

3. Back-ups

Encryption is effective when cybercriminals steal data. But today’s threats take various other forms. For instance, ransomware such as WannaCry locks up the computer and demands a ransom to restore access.

Most antivirus programs do not detect ransomware until it is too late. Encryption is ineffective since the attackers do not seek to make use of the data themselves. Backing up the data protects the enterprise from ransomware and other security breaches. With backups, the business can restore the last backup.

The caveats are to:

  • Take backups daily. The best option is to automate the process.
  • Store the backup files at another location, preferably offline. It doesn’t help if the hacker blocks the server containing the backup files as well.
  • Ensure physical protection to the place containing backup files. Floods, moisture, excessive heat, and pests can damage backup files.

4. Threat Monitoring and Incident Response Plans

Attacks may happen anytime, from any place. Round-the-clock network monitoring triggers alerts and foils the attack before it causes damage. One in four network professionals rate lack of timely threat intelligence information as their main threat.

But monitoring is useless without a good incident response plan. A well-thought-out incident response plan caters to most eventualities and contingencies. It prompts notifications, fixes responsibilities, and lays down a clear path of action. It even automates certain critical tasks.

Deploy Security Event and Incident Monitoring (SIEM). A good SIEM suite monitors the network and triggers alerts on suspicious user activity or data anomalies. A Security Operations Center (SOC) interprets the alerts and zeroes in on the trouble spots.
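
The kind of "suspicious user activity" rule a SIEM evaluates can be sketched in a few lines. This is an added example, not taken from the original article or from any SIEM product's rule language; the log format, the five-minute window, the threshold of five failures and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)   # assumed look-back window
THRESHOLD = 5                   # assumed failures per user and source before alerting

def detect(lines):
    """Return alerts as (timestamp, severity, user, source) tuples."""
    recent = defaultdict(deque)   # (user, source) -> timestamps of recent failures
    alerts = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or parts[1] not in ("FAIL", "OK"):
            continue              # skip records not in the expected four-field form
        stamp, result, user, source = parts
        now = datetime.fromisoformat(stamp)
        failures = recent[(user, source)]
        while failures and now - failures[0] > WINDOW:
            failures.popleft()    # drop failures that fell out of the window
        if result == "FAIL":
            failures.append(now)
            if len(failures) == THRESHOLD:   # alert once as the burst crosses the threshold
                alerts.append((stamp, "medium", user, source))
        elif len(failures) >= THRESHOLD:
            # A success right after a burst of failures is the event the SOC must triage first.
            alerts.append((stamp, "high", user, source))
            failures.clear()
        else:
            failures.clear()      # a normal login after a typo resets the count
    return alerts

# Constructed sample events: "timestamp result user source".
SAMPLE = """\
2024-05-01T09:00:00 FAIL bob 10.0.4.21
2024-05-01T09:00:09 OK bob 10.0.4.21
2024-05-01T09:10:00 FAIL alice 198.51.100.7
2024-05-01T09:10:20 FAIL alice 198.51.100.7
2024-05-01T09:10:40 FAIL alice 198.51.100.7
2024-05-01T09:11:00 FAIL alice 198.51.100.7
2024-05-01T09:11:20 FAIL alice 198.51.100.7
2024-05-01T09:11:40 FAIL alice 198.51.100.7
2024-05-01T09:12:00 OK alice 198.51.100.7
2024-05-01T09:30:00 OK alice 10.0.4.8
""".splitlines()

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```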

5. Strike Sound Relationships

Today’s fragmented digital ecosystem runs on alliances, partnerships and managed services. It is not enough for enterprises to secure their internal network. Effective security depends on the partner’s networks being secure.

Make sure: 

  • The eCommerce platform is PCI-DSS (payment card industry data security standards) Level 1 compliant. Level 1 compliance protects against breaches across the entire payment network.
  • The hosting partner patches security vulnerabilities to keep the website safe. As an added layer, have a WAF (web application firewall) in place to protect the site.

Cyber attackers strike at will and there is no hiding place. 

About two out of three security professionals who attended Black Hat USA 2019 believe their organization will have to respond to at least one major cybersecurity breach over the next 12 months. In another survey, about 20% of enterprises disclosed having suffered six or more attacks over 12 months.

Businesses adopting sound network hygiene and taking due precautions can stay at the top of the game. A well-prepared business wards off cyber attacks with no damage. 
