Originally Published April 2021
Updated June 2023
The reality is that most organizations will face multiple cyberattacks in their lifetime. How they respond to and recover from these attacks often determines whether the business survives.
In this blog, we’ll discuss the current cybersecurity threat landscape, questions that can be used to evaluate the readiness of your cybersecurity plan and how to prevent future incidents.
Current Cybersecurity Threat Landscape
As more and more businesses have moved from traditional IT environments to modern cloud infrastructure, cybersecurity threats have evolved. Companies that previously saw no need to engage in cybersecurity training and protection are starting to see the value.
The rise of digitalization and cloud technology has made it more challenging for IT departments to control their organization’s IT environment, as more of their employees are adapting to a remote working environment.
Additionally, remote workers may use personal devices that aren’t adequately hardened – allowing threat actors direct access to your organization’s data and making your organization more vulnerable to attack.
What Kind of Attacks Can You Expect?
Although the cybersecurity landscape is constantly advancing, here are a few common attacks organizations can expect:
Phishing
Regardless of the advancements in cybersecurity, phishing remains one of the main techniques cybercriminals use for initial access.
A phishing attack occurs when a hacker attempts to gain access to privileged information, including usernames, passwords, credit card information and more, through fraudulent solicitation by email.
Phishing attacks can also be conducted by phone call (voice phishing aka vishing) and by text message (SMS phishing aka smishing).
Malware
Malware is software that is installed on a computer without the user's consent and that performs malicious actions, such as stealing passwords, disrupting system services and damaging IT networks.
There are several different types of malware, and each infects and disrupts devices differently, but all forms are designed to compromise the security and privacy of your computer systems.
Ransomware
Ransomware is a form of malware that is typically installed when a user visits a malicious website or opens a spam email with a malicious attachment.
It exploits vulnerabilities on the device and encrypts important files, such as Word documents, PDF files, databases and more, making them unusable until a ransom payment is made.
When preparing for potential cyberattacks, actively monitoring and updating your organization's cybersecurity is critical. But having a cybersecurity plan in place doesn't mean you're in the clear.
10 Questions to Assess Whether Your Cybersecurity Plan Is Ready for an Attack
At the very least, you need to be prepared. Here are 10 questions to determine whether your organization's cybersecurity plan is ready for an attack.
1. Do you back up all your data regularly to an off-network location?
2. Do you have your critical system diagrams and incident response plans copied to an off-network document vault for immediate retrieval during an incident?
3. Have you built an attack-ready incident response policy?
4. Do you have attack detection tools activated?
5. Have you conducted simulated attack exercises to prepare your team for the best next steps?
6. Do you routinely conduct security logging-level reviews?
7. Have you undergone a standards-based risk assessment from an organization like NIST (National Institute of Standards and Technology) or ISO (International Organization for Standardization)?
8. Is your cybersecurity program compliant with widely accepted frameworks and those specific to your industry?
9. Have you trained your company’s employees to be cybersecurity-aware?
10. Do you have a cybersecurity incident response service provider already selected, vetted and under contract, so you don't have to hunt when disaster strikes?
Cybersecurity Strategy: What's Next?
If you answered “no” to most of those questions, you may want to proactively start looking into different cybersecurity solutions for your organization.
When cyber events happen, confusion, fear and uncertainty about what to do next are common. Some questions that set in are:
- Where do I turn for support to quickly investigate and assess the problem?
- Who will handle communications with the attacker and coordinate response across my team, my insurance carrier and law enforcement?
- How will I continue to operate my business and minimize interruptions?
It's important to remember that no cybersecurity plan is foolproof. Even the most well-prepared organizations can fall victim to a cyberattack.
That's why it's important to have a backup plan in place. This could include things like data backups, redundant systems and insurance policies to help mitigate the financial impact of an attack.
Randy is a CISSP who leads the Cybersecurity and IT Consulting team at Loffler Companies. He is focused on applying his 25+ years of IT experience to help his clients measure, understand and manage information security risk through the vCISO managed consulting program.