BY DENNY FISHER, Chief Client Experience Officer, ACS
A large portion of the U.S. was brought to its knees during the Colonial Pipeline hack. Though to some it was par for the course since March 2020, many were shocked that infrastructure that is so critical to the daily operations in the U.S. could be affected so profoundly. Heed this warning: It’s only the beginning.
In the rush to remote, organizations in all industries and of all sizes made mistakes — we all did. In the blink of a server light, all employees — everywhere — turned into remote employees. Ninety percent of employers were not ready for this. IT teams scrambled to set up virtual infrastructure that would allow employees to “temporarily” work from home. Things were inevitably missed, budgets were squeezed, and gaps were never closed.
IT teams weren’t the only busy bees during that time. Hackers were busy seizing a mammoth-sized opportunity, laying the groundwork for eventual destruction. As employees, IT teams and organization leaders were distracted with world events, they quietly infiltrated networks, silently watching and collecting information, waiting for the right moment, waiting for companies to once again be flush with cash and distracted.
The time for those chickens to roost has come. This will not be the last breach for quite some time. Yet all hope is not lost. You still can protect your organization and your information. Follow these tips below to start closing the backdoors to your data.
Get an assessment
The first and easiest step toward protecting your information is to schedule a cybersecurity assessment. A cybersecurity assessment should identify the gaps in your cybersecurity posture and provide recommendations on how to remediate the issues. An assessment can act as your road map to safety.
Test your backups
If you don’t currently back up your critical data, stop reading this blog, call a technology provider and back up your date now. If you do routinely back up your data and have redundant infrastructure, kudos to you! But have you tested your backups? The only way to ensure your backup strategy works is to test it. A full backup and recovery test should be completed annually at a minimum. This provides confidence that your systems and data can be recovered if compromised.
Train your employees
All the systems in the world can’t stop a naive employee from clicking a bad link or not reporting a suspicious interaction. Your employees are either your biggest asset or your biggest weakness. Implementing a program that simulates phishing emails and other commonly used tactics by hackers is a low-cost solution that will go a long way toward protecting your information.
It’s important to know there is still time to mitigate your risk, but you need to start now, not a month from now. Contact a technology adviser and start the conversation.
|Denny Fisher, Chief Client Experience Officer, ACS