There is no doubt that 2018 has been a bad year for cyber security. With the massive Facebook breach resulting in the exposure of 50 million accounts, Quora's 100s of millions of users affected by a malicious third party, Marriott International's data breach by Chinese hackers, ... and the list goes on. To get you ready for 2019, here are our top 8 cyber-security recommendations to survive through this new year:

1. Harden your webapps
   Check out our last post and follow the top 5 tips from our pentesters to close any security gaps around your web application. Web app hacking is one of the most common attack vector for breaching a company, and be sure to reach out for professional help if needed.


2. Educate your employees
   Security is not simply a CIO, CISO, or IT department issue. Breaches, leaked documents, and cyber-security attacks impact stock prices and competitive edge. It is a responsibility that must be shared among all employees; CEOs and board members must proactively mitigate future challenges.


3. Be proactive about ransomware
   A few simple steps can help you reduce or mitigate these attacks: Staying up to date with patches, antivirus and malware updates, backing up regularly and testing your backups, but also don't forget to strengthen your real time defense.


4. Check your peripheral defense through penetration testing
   Nothing beats real life testing, stop trying to imagine what the threats might be and go for a reality check! There is no better way to assess your security posture than to let professional hackers try to get into your systems, and letting them report back the holes in your defense.


5. Integrate security right into your product design
   DevOps should become DevSecOps, security needs to be considered right at conception, not merely patched once deployed in the field. Catching a security hole during development is several orders of magnitude cheaper than discovering it later, especially after a data breach. It's never too late to review your source code to check for obvious vulnerabilities, or get professional help to do it for you.


6. Consider Continuous Monitoring
   Stay one step ahead of hackers by pro-actively monitoring your digital assets, and making sure you understand your security posture at all time. Many solutions exist to monitor your network in real time and flag potential issues as soon as they occur. Nowhere more than in cyber security, time is money.


7. Watch out for GDPR
   Like it or not, GDPR has been here since May and most companies that do business in the EU are still not compliant. With fines ranging from a simple warning of non-compliance to up to $20 million EUR or 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater, you should be looking into it closely.


8. Reduce your attack surface
   Review and reduce what you are exposing externally and internally. The attack surface gives hackers a foothold into your systems, allowing them to further attack your organization or other organizations. By eliminating blind-spots in your security and reducing the opportunities for hackers to  gather data on your organization, you can dramatically decrease the probability of a data breach. 

More information on Silent Breach cyber security.