Network Security Across the Full CyberAttack Continuum: Defenses To Have Before The Attack Happens, Part 2

by | Apr 5, 2019 | Cyber Incident and Response

This is Part 2 of Network Security Across the Full CyberAttack Continuum: Defenses To Have Before The Attack Happens. Part 1 covers some new Malware Innovations, the importance of Trained Staff to help network users identify and deflect malicious activity, and the importance of improving Network Visibility. Go Back to Part 1

Increase Security of Network Access

Login Credential Security

The Xwo malware, as explained in Defenses To Have Before The Attack Happens, Part 1, is a malware that particularly scans the internet for networks accessible by weak credentials. This is why “dual-authentication” and “multi-authentication” is becoming more important. To have a strong network security posture, the password is just one phase of the login access procedure. Two-factor authentication sounds like a hassle, but there are solutions, like DUO, that make adding this level of credential security to your network very easy… and provides strong reinforcement for authorized access.

Email Security

Phishing and malware attachments, and other threats that exploit email to attempt access of a business network, is a daily problem in most businesses. It only takes one employee opening up an email attachment, that looks so deceptively legitimate, to create a world of hurt for the business network. Email security solutions are indispensable to protect business email accounts from compromise. But beware that email security is a both/and issue. You should have both email security solutions in place and you should keep your end users trained to recognize the latest scams when they come along.

Have You Had Your Business Network Pen Tested Lately?

Have an ethical hacker put your network’s defenses to the test. It will show you where your vulnerabilities lie. Consequently, it will help you direct your focus to the places in your network that need the most attention.

Create a Runbook

A Runbook is a manual that contains all the administrative routines, procedures, applications, and credentials of the business network. If the network goes down, this is the essential reference book the systems administrator will need to get everything back up and running. A runbook should be reviewed by the company at least annually to keep it up to date. Secure Networkers assists our customers to compose runbooks that are thorough.

Compose an Incident Response Plan

What should be done after an attack? If malware should strike, it is critical to have an Incident Response Plan ready to go so that all end users will know what to do – and maybe more importantly, what not to do – when a network gets infected. If a cyber attack should strike and all systems go down, as has recently happened to Norsk Hydro and other major industrial firms hit by the Lokergoga ransomware in recent weeks, CEO Svein Richard Brandtzæg immediately responded with instructions to help employees mitigate the potential further damage that might have been caused by accessing infected files, shutting down or restarting machines, and the like. Again, it is important to approach network protection efforts from the stance that data breaches will happen and one needs to be completely prepared for the eventuality of it. An Incident Response Plan is critical to have on hand, ready to go, updated regularly… and is something to compile before an attack happens..

Call Secure Networkers at (281) 651.2254 with your questions. Our job is to help you select a network defense solution that will keep your business healthy and at the peak of performance.

Hybrid VDI - Total Economic Impact of VMWare End User Computing