Cybersecurity Best Practices: How to be More Proactive in the Fight Against Cyberattack

By Keith Delahunty Senior Product Manager
March 28th 2024 | 4 minute read

In cybersecurity, as with medicine, prevention is better than cure.

The news headlines are filled with tales of email hacks, phishing scams and ransomware attacks that leave firms scrambling for patches or ways to contain the damage. The fast-moving threat landscape often leaves financial organizations playing catch-up, in a whack-a-mole contest with sophisticated and well-resourced opponents who can appear at any time in any guise.

No one is immune. All companies, regardless of size or location, will get hacked at some point. But adopting a proactive cybersecurity program creates a better shield by minimizing vulnerabilities before they become an issue.

Resourcing limitations may curb how extensive and sophisticated that proactive cybersecurity approach may be. But even within those confines, there are many steps firms can take.

As Arnaud Wiehe, author of The Book on Cybersecurity, observed, “the more of the good things you do, the better off you are.”

Reduce the cyber attack surface

“Bloatware” is a common industry issue, noted Wiehe. Over time, firms’ software use tends to expand and become more complex. “And every time we add complexity, we make it harder to secure ourselves,” he explained.

Given the cybersecurity vulnerabilities present in every system or piece of hardware, Wiehe advises actively retiring legacy applications and infrastructure, and consolidating platforms where possible to reduce the attack surface. Moving to the cloud can reduce cybersecurity complexity.

Endpoints are another part of the attack surface, so virtualizing those or equipping staff with ‘dumb’ endpoints – a cloud-based device or endpoint with limited functionality instead of a full computer, for instance – is another option, said Wiehe.

Manage IT supply chain risks

As we noted in a previous blog, much software development now takes advantage of open source or third-party software libraries and AI-generated code. Vetting those libraries to ensure you only use reputable sources can help limit third-party risk in the software supply chain. Streamlining library use will also shrink the attack surface.

“Actively monitoring vendors to ensure they follow good practice, and that those practices don’t deteriorate, can similarly reduce the IT supply chain risk,” noted Wiehe. Relationships with vendors that fall below required security standards and do not remediate, or that get hacked and do not react appropriately, should be terminated.

Protect sensitive data

Financial services organizations are prime targets for cybercriminals because of the vast troves of sensitive data they maintain. “Controlling that data through techniques such as encryption and tokenization is therefore imperative,” said Wiehe.

Encryption preserves data confidentiality by converting the information’s original plaintext representation into ciphertext, which can only be decoded by authorized parties holding the corresponding decryption key. Tokenization substitutes sensitive data elements, for example personally identifiable information, with a non-sensitive, randomly generated equivalent. The token has no intrinsic meaning or value, making it useless to unauthorized individuals.
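To make the tokenization point concrete, here is an added illustration (not code from the original post or from any product it mentions): a minimal in-memory token vault in which the token is drawn at random rather than derived from the data, so that holding a token reveals nothing about the value behind it, and only a caller with an assumed "pii-reader" role can map it back.

```python
import secrets
from typing import Dict, Set


class TokenVault:
    """Constructed example of a tokenization vault.

    A real deployment keeps this mapping in a separately secured store; every
    other system only ever sees the tokens.
    """

    def __init__(self) -> None:
        self._token_to_value: Dict[str, str] = {}
        self._value_to_token: Dict[str, str] = {}

    def tokenize(self, value: str) -> str:
        """Replace a sensitive value with a random token unrelated to it."""
        # Same value -> same token, so downstream systems can still join or
        # de-duplicate on the token without holding the underlying data.
        if value in self._value_to_token:
            return self._value_to_token[value]
        while True:
            token = "tok_" + secrets.token_hex(16)  # 128 random bits, no link to input
            if token not in self._token_to_value:
                break
        self._token_to_value[token] = value
        self._value_to_token[value] = token
        return token

    def detokenize(self, token: str, caller_roles: Set[str]) -> str:
        """Recover the original value; only the assumed 'pii-reader' role may."""
        if "pii-reader" not in caller_roles:
            raise PermissionError("caller is not authorized to detokenize")
        if token not in self._token_to_value:
            raise KeyError("unknown token")
        return self._token_to_value[token]


def redact_record(vault: TokenVault, record: Dict[str, str],
                  sensitive_fields: Set[str]) -> Dict[str, str]:
    """Return a copy of the record with the listed sensitive fields tokenized."""
    return {k: vault.tokenize(v) if k in sensitive_fields else v
            for k, v in record.items()}


if __name__ == "__main__":
    vault = TokenVault()
    # Constructed sample record; the account number stands in for PII.
    customer = {"name": "A. Example", "account_number": "4111-2222-3333-4444"}
    safe = redact_record(vault, customer, {"account_number"})
    print(safe)  # what an analytics or reporting system would receive
    print(vault.detokenize(safe["account_number"], {"pii-reader"}))
```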

Multi-factor authentication – requiring users to prove their identity with something they have (e.g. a phone or smart card) and/or something they are (a biometric measure such as a fingerprint or face scan) – then ensures that data and systems can only be accessed by individuals with the proper permissions, a safeguard that is just as important in combating internal threats as external ones.

Maintain robust back-up and recovery facilities

But however good your preventive protections are, a cure will be needed at some point. When the inevitable happens and a breach occurs, fast treatment in the shape of a robust back-up and recovery capability is essential. Again, be proactive. Ensure your data is properly backed up at all times and test that you can seamlessly recover from any breach or ransomware attack, advised Wiehe.

Disaster recovery facilities are expensive though. High infrastructure costs need to be amortized over years. And people taking the spending decisions don’t always want to allocate the money because, like insurance, cybersecurity is often seen as a hidden cost with a non-obvious return on investment, Wiehe noted.

That is another reason cloud-delivered technology solutions are popular. Firms can outsource the fixed costs and piggyback on the cybersecurity investments made by their third-party provider.

“But you have to think carefully about which cloud set-up you use and how to manage the risks that are unique to your organization in that environment,” said Wiehe. “There’s no right answer for that.”

About Arnaud Wiehe

Arnaud Wiehe is an author, speaker, consultant, and thought leader in cybersecurity. He has worked in leadership and cybersecurity roles for major global companies, including as a CISO for multiple years. He holds several prestigious cybersecurity certifications, including:

• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified Fraud Examiner (CFE)

Throughout his career, Arnaud has demonstrated a strong focus on cybersecurity best practices and keeping current with emerging trends, technologies, and innovation. He is a graduate of the Singularity University and a member of the Association of Professional Futurists. He is widely respected by his peers as an expert in cybersecurity and IT governance.

Arnaud is also an enthusiastic amateur musician and luthier. He plays the violin, viola, cello, and mandolin. He has made two violins, a viola, and numerous bows.

Keith Delahunty
Keith is responsible for all aspects related to Transfer Agency, driving product development, vision, strategy, & execution across Deep Pool applications. Keith holds a master’s degree in finance & has extensive experience working in Private Equity, Alternative & Retail asset classes.