8 cyber security resolutions for 2018

Happy new year 2018!


There is no doubt that 2017 has been a bad year for cyber security, with the Equifax breach, Wannacry ransomeware, Russian social media manipulation, etc... But to get you ready for 2018, here's our top 8 cyber-security recommendations to survive through this new year:

  1. Get ready for GDPR
    Like it or not, GDPR is coming in May and most companies that do business in the EU are still not compliant. With fines ranging from a simple warning of non-compliance to up to $20 million EUR or 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater, you should be looking into it.

  2. Educate your employees
    Security is not simply a CIO, CSO, or IT department issue. Breaches, leaked documents, and cyber-security attacks impact stock prices and competitive edge. It is a responsibility that must be shared among all employees; CEOs and board members must proactively mitigate future challenges.

  3. Be proactive about ransomware
    A few simple steps can help you reduce or mitigate these attacks: Staying up to date with patches, antivirus and malware updates, backing up regularly and testing your backups, but also don't forget to strengthen your real time defense.

  4. Check your peripheral defense through penetration testing
    Nothing beats real life testing, stop trying to imagine what the threats might be and go for a reality check! There is no better way to assess your security posture than to leave professional hackers try to get into your systems, and letting them report back the holes in your defense.

  5. Integrate security right in your product design
    DevOps should become DevSecOps, security needs to be considered right at conception time, not merely patched once deployed in the field. Catching a security hole during development is several orders of magnitude cheaper than discovering it later, especially after a data breach. It's never too late to review your source code to check for obvious vulnerabilities, or get professional help to do it for you.

  6. Get prepared for a data breach
    If you have been in business long enough, you should know that it's not if you will get breached, it's when. Detecting an attack and/or dealing with its consequences requires you to be prepared with a solid plan of action. Business continuity is crucial for your business and nothing can help you more than preparing procedures for disaster recovery, information leakage, or brand and reputation damage. 

  7. IoT threats are real
    Internet of Things is revolutionizing our lives but they don't always come with the proper security around them. The emergence of this new segment is an armed raced for new companies to dominate the market, and security is often an afterthought. This can offer a massive opportunity for hackers to penetrate your systems through device you hadn't considered harmful. Because IoT sometimes accesses your personal information or some of your critical infrastructure, it is increasingly becoming the preferred attack vector for hackers.

  8. Reduce your attack surface
    Review and reduce what you are exposing externally and internally. The attack surface gives hackers a foothold into your systems, to further attack your organization or other organizations. By eliminating blind-spots in your security and reducing the opportunities for hackers to  gather data on your organization, you can dramatically decrease the probabilities of a data breach. 

More information on Silent Breach cyber security.