Last week, I posted about a Free CyberSecure My Business Webinar that took place this past Tuesday, March 13th. I wanted to follow up that post with a quick summary of what was presented on the webinar.
The webinar was presented by the National Cyber Security Alliance. Presenters were from the National Institute of Standards and Technology, security vendor Trend Micro, the Small Business Administration and the Michigan Small Business Development Center.
The presenter from NIST focused on the five major functions of the NIST Cybersecurity Framework. The NIST framework is the de facto standard for defining cybersecurity needs. The five functions are as follows:
IDENTIFY assets you need to protect.
PROTECT assets and limit impact.
DETECT security problems.
RESPOND to an incident.
RECOVER from an incident.
The presenter from Trend Micro talked about a new phenomenon they have termed the “Double Whammy.” Essentially, this is when one cyberattack actually masks another and the second attack is the one that is designed to do the actual damage. Another key point the presenter made was that if you get infected with malware, you can’t be confident that you’ve removed it all. Your best bet is to replace the machine. The presenter also pointed to the website nomoreransom.org where some of the major cybersecurity companies have collaborated to publish decryption keys for known ransomware outbreaks. Of course, the bad guys develop new ransomware faster than the site can keep up with, but this is a good start at what amounts to a crowdsourced defense.
The presenter from the Michigan Small Business Development Center showed a web site they have put together to help their constituents address cybersecurity concerns. This is part of local outreach activities that the SBA supports.
He also shared the following bullets, which are great reminders for any response to a cybersecurity incident.
Process to Follow:
Review Lessons Learned
People to Notify:
Cyber Security Expert & IT
Technologies to Help Mitigate Risk:
Encryption (full disk, files, folders, email, VPN)
Multi-Factor Authentication (MFA, 2FA)
Mobile Device Management (MDM)
Data Loss Prevention (DLP)
Security Information and Event Management (SIEM)
Intrusion Prevention/Intrusion Detection Systems (IPS/IDS)
Have a Business Continuity Plan
Incident Response Plan
Disaster Recovery Plan
Identify Key Assets
Choose Protection Considering Based On:
I know there is a lot of information in this post. If you were not able to make this webinar, I wanted to share a good summary to help you review your own cybersecurity posture. Please check the links and leverage this great content to help improve your cybersecurity. Stay Safe Online.