As you know, what cyber-attack is? its types, what type of threat actors are there? and how you can become victim of any type of cyber-attack? you should follow best practices to safeguard yourself. If every individual takes their own responsibility to, not fall for any frauds and if each individual follow best practices ultimately organization will be safeguarded.
There are hundreds & thousands of steps you can take and practices you can aware of and follow, but its not possible for everyone to do so.
I have collected top 10 best practices you should follow when considering yourself as responsible individual or employee of any organization.
Security Awareness Training:
This training should be conducted for all employees every quarter, and for new joiners it should be part of their induction training.
Training should cover:
Introduction to cybersecurity & its terminologies. Best ways to manage passwords. Ways to identify and avoid phishing emails, messages, links & attachments. Ways to identify malicious links & websites. What is different data compliance policy & how to adhere to it. Best practices for securing home Wi-Fi networks and personal devices used for work. In short, this training should cover all 10 steps mention above.
Quick Response Force (QRF) tabletop exercise:
This tabletop activity is discussion-based activity designed to understand and improve the readiness and effectiveness of a team in responding to cybersecurity incidents.
This activity includes key management from IT Admin team, Data Compliance team, HR team, SOC team & other relevant teams who can indirectly get involves in organization security. E.g. Certificates management team, Logs management team, Firewall management team, Servers management team.
Also, we can say manager from each team excluding development team and QA team who never comes directly in contact with customers or external parties.
The QRF organizer collects the realistic scenarios and explain those cyber attack scenarios to team and ask team what actions you will take in such situations.
Stay Responsible:
Consider your organization is your responsibility and act based on it. Never neglect any small thing in organization. If you notice something suspicious happening to your workstations or at any portals don’t wait and never think like someone else will report it. Take a first step and inform it to SOC team.
Drill Tests:
Security team should mimic cybersecurity incidents based on current threats and vulnerabilities including different types of phishing attacks, ransomware, data breaches, malwares, and insider attacks. Then should collect & analyze the response of this activity and how different teams & individuals responded to this activity. And then schedule trainings based on this test feedback.
Phishing Simulations:
It’s a type of drill test, where security team mimic & execute different trending phishing campaigns in organization. Phishing campaigns contains emails with malicious links, attachments which don’t look legitimate and then those emails are sent to employees and their performance is recorded. How many has clicked on those malicious links, how many reported this to security team & how many has ignored it.
Other practices are self-explanatory but we will see them one by one.
Undeniably consider that that you stated. Your favorite justification seemed to be at the net the simplest thing to take note of. I say to you, I certainly get annoyed at the same time as folks think about issues that they plainly don’t recognise about. You managed to hit the nail upon the highest as neatly as outlined out the whole thing with no need side effect , folks can take a signal. Will likely be back to get more. Thanks
An excellent read that will keep readers – particularly me – coming back for more! Also, I’d genuinely appreciate if you check my website UY3 about Thai-Massage. Thank you and best of luck!
Great post! I learned something new and interesting, which I also happen to cover on my blog. It would be great to get some feedback from those who share the same interest about Cosmetics, here is my website QN6 Thank you!
I know a lot of folks whom I think would really enjoy your content that covers in depth. I just hope you wouldn’t mind if I share your blog to our community. Thanks, and feel free to surf my website ZQ3 for content about Podcasting.
I like this weblog so much, saved to favorites. “Nostalgia isn’t what it used to be.” by Peter De Vries.