October is Cyber Security Awareness Month. Are You Prepared?

October is Cybersecurity Awareness Month, an annual initiative established in 2004 by the U.S. Department of Homeland Security and the National Cybersecurity Alliance. Its goal is to educate individuals and organizations about online safety in an ever-changing threat landscape: safeguarding digital information, practicing good cyber hygiene, and adopting safe online habits.
The 2024 theme for Cybersecurity Awareness Month is “Secure Our World”, dedicated to raising awareness on incorporating cybersecurity in your daily lives to protect yourself, your loved ones, and your business from online threats.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework organizes the management of cybersecurity risk around a small set of core functions (Identify, Protect, Detect, Respond, and Recover, with Govern added in version 2.0, released in February 2024) and builds on existing standards, guidelines, and practices rather than replacing them.
What can you do to protect yourself, your loved ones, and your business from online threats? CISA and the DoD Office of Small Business Programs recommend these best practices:
- Enabling Multi-factor Authentication.
- Using strong passwords and password managers.
- Keeping software up to date.
- Recognizing and reporting phishing.
- Identifying and managing supply chain risks.
Here’s a deeper dive:
Enabling Multi-factor Authentication
Multifactor Authentication (MFA) adds a second proof of identity to your accounts, so that a stolen or guessed password alone is not enough to get in. Not all factors are equal: one-time codes sent by SMS or typed into a lookalike site can be relayed by an attacker in real time, so prefer phishing-resistant methods such as FIDO2 security keys or passkeys where the service supports them. In business settings, MFA is used to verify user identities so that authorized individuals get quick and secure access while a leaked password on its own gets an attacker nothing.
Using strong passwords and password managers
A strong password is long and unique to each account. Length makes it resistant to brute-force and dictionary attacks, and uniqueness limits the damage when one site's password database leaks, because the same password cannot be replayed against your other accounts.
Password managers help manage and store your passwords, eliminating the need to remember each one. They generate unique, strong passwords for all your accounts and encrypt them so that only you can access them. To further secure password managers, enabling multifactor authentication (MFA) ensures that only authorized users can gain access to the stored passwords.
Keeping software up to date
Software updates typically add functionality, fix bugs and crashes, and deliver critical security patches. By patching vulnerabilities, these updates close weaknesses that threat actors could otherwise exploit. Cybercriminals routinely take advantage of unpatched vulnerabilities to install malware, which can lead to full system takeover, data theft, file encryption, and the disruption of other programs. For this reason, keep all your devices and software up to date, enable automatic updates where they are available, and prioritize internet-facing software and vulnerabilities that are known to be actively exploited.
Recognizing and Reporting Phishing
You’ve probably heard the term a million times, but do you really know what phishing is? In simplest terms, it’s when a cybercriminal sends a message, most often an email, carrying a malicious link or attachment or leading to a fake login page, with the goal of infecting the recipient’s computer or stealing money, sensitive data, and login credentials. The messages appear legitimate on the surface, which is why so many people continue to open them and click the links. A frequently cited estimate is that around 90% of cyber attacks start with a phishing scheme.
Here are a few ways you can identify phishing emails. But keep in mind, as cyber criminals become more sophisticated, so do their methods of infiltrating your inboxes. The emails typically have:
- a generic greeting.
- an urgent call to action or threat.
- inconsistent spelling and bad grammar.
- a mismatched sender name and domain (e.g., an email claiming to be from Microsoft sent from a Gmail address).
- suspicious links or unexpected attachments.
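The indicators above can each be checked mechanically. The script below is an added example and not a CISA or CKSS tool: it parses a raw email with Python's standard library and reports which indicators it finds. The word lists, the free-mail domain list, the thresholds, and the two sample messages are constructed assumptions meant to show the checks, not a tuned detector.

```python
"""Heuristic scoring of an email against common phishing indicators."""
import email
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Illustrative lists (assumptions for this example, not an authoritative set).
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
ORG_WORDS = {"support", "security", "team", "service", "billing", "helpdesk", "account"}
URGENCY = ("immediately", "within 24 hours", "suspended", "verify now", "act now")
GENERIC = ("dear customer", "dear user", "dear account holder", "valued customer")
RISKY_EXT = (".exe", ".js", ".vbs", ".html", ".iso", ".lnk", ".scr")


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Hostname of a URL or bare domain, lower-cased ('' if unparsable)."""
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()


def phishing_indicators(raw):
    """Return {'score': n, 'reasons': [...]}, one reason per indicator found."""
    msg = email.message_from_string(raw)
    reasons = []

    # 1. Display name claims an organization, but the address is on a free-mail domain.
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    words = {w.lower() for w in re.findall(r"[A-Za-z]{3,}", display)}
    if domain in FREEMAIL and words & ORG_WORDS and not any(w in domain for w in words):
        reasons.append(f"sender name {display!r} does not match domain {domain}")

    # Gather text and HTML bodies; attachments are handled separately below.
    text, html = "", ""
    for part in msg.walk():
        if part.get_content_maintype() != "text" or part.get_filename():
            continue
        body = (part.get_payload(decode=True) or b"").decode(part.get_content_charset() or "utf-8", "replace")
        if part.get_content_subtype() == "html":
            html += body
        else:
            text += body
    visible = text + re.sub(r"<[^>]+>", " ", html)

    # 2. Generic greeting in the opening lines; 3. urgent language anywhere.
    if any(g in visible.strip().lower()[:200] for g in GENERIC):
        reasons.append("generic greeting")
    hits = [u for u in URGENCY if u in (msg.get("Subject", "") + " " + visible).lower()]
    if hits:
        reasons.append("urgent language: " + ", ".join(hits))

    # 4. Link text naming a different host than the real target, or a raw-IP target.
    collector = LinkCollector()
    collector.feed(html)
    links = collector.links + [(u, "") for u in re.findall(r"https?://\S+", text)]
    for href, label in links:
        target = host_of(href)
        if label and "." in label and " " not in label and host_of(label) != target:
            reasons.append(f"link text {label!r} hides target {target}")
        if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", target):
            reasons.append(f"link to raw IP address {target}")

    # 5. Attachment types that execute or render on open.
    for part in msg.walk():
        name = part.get_filename() or ""
        if name.lower().endswith(RISKY_EXT):
            reasons.append(f"risky attachment {name}")

    return {"score": len(reasons), "reasons": reasons}


# Constructed sample messages for this example (not real mail).
PHISH = """\
From: Microsoft Support <account-team-2024@gmail.com>
To: jane@example.com
Subject: Action required: your account will be suspended
Content-Type: text/html

<p>Dear Customer,</p>
<p>Unusual sign-in activity was detected. Verify now or your mailbox will be
suspended within 24 hours.</p>
<p><a href="http://203.0.113.7/login">https://login.microsoftonline.com</a></p>
"""

BENIGN = """\
From: Jane Doe <jane.doe@gmail.com>
To: bob@example.com
Subject: Lunch tomorrow?
Content-Type: text/plain

Hi Bob, are you free around noon? The menu is at https://example.com/menu
"""

if __name__ == "__main__":
    for name, sample in (("phish", PHISH), ("benign", BENIGN)):
        print(name, phishing_indicators(sample))
```

The link check is the one worth copying into a mail gateway rule: the visible text of the link is what the reader trusts, the `href` is where the browser goes, and a phish relies on the two disagreeing.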
Now that you know some of the ways to spot a phishing email, how can you protect yourself from the schemes?
- Never click on suspicious links or open attachments.
- If the suspicious email comes from someone you know, contact them through a different channel (phone, alternative email, etc.).
- Report the email to your IT team or help desk.
- Mark it as spam.
- Delete it!
Keep these tips in mind:
- Protect your computer by using security software.
- Protect your cell phone by setting software to update automatically.
- Protect your accounts by using multi-factor authentication.
- Protect your data by backing it up, either on an external hard drive or in the cloud.
Identifying and Managing Supply Chain Risks
In light of the July 2024 CrowdStrike outage and the SolarWinds attack of 2020, organizations need to secure their operations and increase their resilience by reducing their exposure to failures and compromises that originate with a supplier.
Organizations need to consider the following areas in preparation for future unforeseen events:
Testing: The CrowdStrike incident highlights the need for comprehensive testing, careful deployment, accountability, and phased rollouts. Automatic updates to endpoint detection and response (EDR) tools, like CrowdStrike’s Falcon sensor, should reach the fleet in phases so that problems surface before they become widespread. A phased rollout means an initial deployment to a small, diverse subset of systems, monitoring for unexpected behavior or conflicts, gradual expansion to larger groups, and the ability to roll back quickly if problems arise. One caveat: confirm which update channels your staging policy actually governs. The July 2024 outage was caused by a content update that shipped to all sensors regardless of the customer’s sensor-version staging settings, not by a sensor upgrade, so a staging policy that only covers sensor versions would not have held it back. Additionally, organizations should maintain test environments that are logically separated from production. By combining these strategies, organizations can build a more resilient and secure IT infrastructure.
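The ring model described above, as an added example in Python (not CrowdStrike’s or any vendor’s update mechanism): hosts are assigned to rings by a stable hash so the same host lands in the same ring on every update, every OS-and-site cohort is guaranteed a canary, and a gate after each ring decides whether to promote, hold, or roll back. The ring sizes, the hashing salt, the failure thresholds, and the 40-host inventory are constructed assumptions. The gate treats a host that never reports back as a failure, because an endpoint stuck in a boot loop cannot report its own crash.

```python
"""Ring-based (phased) rollout with a promotion gate."""
import hashlib
from collections import defaultdict

# Cumulative share of the fleet that has the update once each ring is done (assumed sizes).
RINGS = [("canary", 0.02), ("early", 0.10), ("broad", 0.30), ("general", 1.00)]


def ring_for(hostname, salt="rollout-2024-10"):
    """Stable pseudo-random ring for a host: same host, same ring on every update."""
    digest = hashlib.sha256(f"{salt}:{hostname.lower()}".encode()).digest()
    bucket = int.from_bytes(digest[:8], "big") / 2 ** 64  # uniform in [0, 1)
    return next(name for name, upper in RINGS if bucket < upper)


def assign_rings(hosts):
    """hosts: [{'name', 'os', 'site'}, ...]. Returns {ring: sorted names}.
    Guarantees every (os, site) cohort has at least one canary, so a build that
    only breaks one OS version or one site's configuration is seen early."""
    rings, cohorts = defaultdict(list), defaultdict(list)
    for h in hosts:
        rings[ring_for(h["name"])].append(h["name"])
        cohorts[(h["os"], h["site"])].append(h["name"])
    canary = set(rings["canary"])
    for names in cohorts.values():
        if not canary & set(names):
            pick = min(names)  # deterministic choice of a representative
            rings[ring_for(pick)].remove(pick)
            rings["canary"].append(pick)
            canary.add(pick)
    return {name: sorted(rings[name]) for name, _ in RINGS}


def gate(expected, reports, baseline=0.002, tolerance=3.0, min_hosts=5):
    """Decide after one ring. expected: hosts that received the update;
    reports: {host: 'ok' | 'crash' | ...}. A host with no report is a failure.
    Returns (decision, detail) with decision in promote / hold / rollback."""
    missing = [h for h in expected if h not in reports]
    failed = [h for h in expected if reports.get(h) != "ok"]  # includes missing
    if len(expected) < min_hosts:
        return "hold", f"only {len(expected)} hosts in ring, need {min_hosts} for a signal"
    rate, limit = len(failed) / len(expected), baseline * tolerance
    if rate > limit:
        crashed = len(failed) - len(missing)
        return "rollback", f"failure rate {rate:.1%} > {limit:.1%} ({len(missing)} silent, {crashed} crashed)"
    return "promote", f"failure rate {rate:.1%} within {limit:.1%}"


def run_rollout(rings, reports_by_ring):
    """Advance ring by ring; stop at the first ring that does not pass its gate."""
    log = []
    for name, _ in RINGS:
        decision, detail = gate(rings.get(name, []), reports_by_ring.get(name, {}))
        log.append((name, decision, detail))
        if decision != "promote":
            break
    return log


# Constructed inventory: 40 workstations across two OS builds and two sites.
FLEET = [{"name": f"ws-{i:03d}", "os": ("win11", "win10")[i % 2], "site": ("hq", "plant")[i // 20]}
         for i in range(40)]

if __name__ == "__main__":
    plan = assign_rings(FLEET)
    print({name: len(members) for name, members in plan.items()})
    # Canary all healthy, then two of ten early-ring hosts go silent after the update.
    reports = {"canary": {h: "ok" for h in plan["canary"]},
               "early": {h: "ok" for h in plan["early"][2:]}}
    for entry in run_rollout(plan, reports):
        print(*entry)
```

The important design choice is in `gate`: a missing heartbeat counts against the ring. A gate that only counts explicit crash reports would have promoted a build that leaves hosts unable to boot, which is exactly the failure mode a phased rollout exists to catch.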
Encryption Key Management: IT administrators should establish a process for inventorying assets and for escrowing and managing disk-encryption recovery keys throughout each asset’s lifecycle. During the CrowdStrike incident, the fix required booting into a recovery environment to delete the faulty file, and many administrators lacked the BitLocker recovery keys needed to unlock the drives first. As a result, new devices had to be deployed, leading to lost productivity and added expense.
Maintaining System Backups: Organizations should routinely test their backups by actually restoring from them, ideally at least four times a year and more often after significant changes to the data environment. To protect against ransomware, also maintain offline or immutable backups that an attacker with network access cannot reach or alter.
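A restore test only proves something if the restored data is compared against a record made at backup time. The script below is an added example, not CKSS tooling: it captures a manifest of file hashes when the backup is taken, then checks a restored tree against it and reports files that came back missing, altered, or unexpected. The directory tree is constructed in a temporary folder purely to exercise the checks; in practice the manifest must be kept apart from the backup media it describes, or a corrupted or encrypted backup set will carry an equally useless manifest with it.

```python
"""Verify a restored backup against a manifest captured at backup time."""
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path, chunk=1 << 16):
    """Stream a file through SHA-256 so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root):
    """Map each file's path (relative to root, POSIX separators) to its SHA-256."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_restore(manifest, restored_root):
    """Compare a restored tree to the manifest taken at backup time."""
    actual = build_manifest(restored_root)
    missing = sorted(set(manifest) - set(actual))
    extra = sorted(set(actual) - set(manifest))
    corrupted = sorted(p for p in manifest.keys() & actual.keys() if manifest[p] != actual[p])
    return {"ok": not (missing or corrupted), "missing": missing,
            "corrupted": corrupted, "extra": extra}


def demo():
    """Constructed scenario: back up a small tree, then simulate one silently
    corrupted file and one lost file in the restore. Returns the verify result."""
    work = Path(tempfile.mkdtemp())
    try:
        src, restored = work / "source", work / "restored"
        (src / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_text("id,amount\n1,100\n")
        (src / "notes.txt").write_text("quarterly restore test\n")
        manifest = build_manifest(src)          # taken at backup time, stored elsewhere
        shutil.copytree(src, restored)          # stands in for the restore job
        (restored / "finance" / "ledger.csv").write_text("id,amount\n1,999\n")  # silent corruption
        (restored / "notes.txt").unlink()                                        # lost file
        return verify_restore(manifest, restored)
    finally:
        shutil.rmtree(work)


if __name__ == "__main__":
    print(demo())
```

A backup job that reports success is not evidence that the data can be recovered; the hash comparison is what turns a quarterly restore drill into a measurable result.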
Developing and Updating Incident Response and Contingency Plans: Organizations should develop and consistently update incident response and contingency plans according to criticality and potential impact on systems. These plans must include detailed procedures for recovering critical systems and should be supported by a comprehensive Backup and Recovery Plan that outlines specific recovery processes.
Third-Party Vendor Risk Management: Where practical, maintain more than one provider for critical services so that an outage at one does not halt business processes. It is important to “trust but verify” third-party IT security processes: organizations should consistently assess their providers against both internal and regulatory standards, and should know what access and update channels each vendor has into their environment.
How Can CKSS Help?
CK Security Solutions (CKSS) assists organizations of all sizes and from many industries, including DoD contractors and Federal Agencies, in implementing a comprehensive security program that includes the following key elements:
- Business Recovery and Continuity Services: Develop a strategy for restoring critical infrastructure in the event of a disruption.
- Managed Security Services: Incorporate operations, vulnerability management, and continuous monitoring.
- Cybersecurity Audit and Assessment Services: Regularly evaluate your security posture and establish a roadmap for future improvement.
- IT and Cybersecurity Design and Implementation Services: Integrate security measures throughout the system development lifecycle.
We’ve covered a lot of ground in this post, and if you’re feeling a bit overwhelmed, don’t be intimidated. The good news is our team specializes in creating systems that require less intervention and help reduce the headaches for your IT team.
The first step is scheduling a No-Obligation Consultation to assess your current systems and evaluate your existing Third-Party Action Plan.
Contacting CKSS
You probably have questions, and our team is here to provide you with the answers you need.
Call us anytime at 443.464.1589 or contact our team online today.