Cybersecurity Checklist for Businesses in the New Norm

Dec 7, 2020
Olga Hout

Since the onset of the pandemic, 91% of businesses have reported an increase in cyberattacks. Surprisingly, plans on following a cybersecurity checklist or how to deploy a cybersecurity strategy haven't been a priority for companies around the globe not so long ago. In 2017, the phrase "ransomware attack" was trending like never before.  

In recent months there's been a rapid shift to working remotely, which creates more security vulnerabilities than ever before.

Perhaps your business has already suffered a few cyberattacks. Even if it hasn't, it's always worth upgrading your cybersecurity awareness and preparedness for the new norm. Just as wearing a mask can help decrease coronavirus transmissions, so taking a few extra precautions helps reduce the impact of cyberattacks on your business.

In this article, we'll give you a cybersecurity checklist you should use to safeguard your company and its data.

Educate Employees on Digital Hygiene

Your employees are the first line of defense when it comes to cybersecurity. This is evident when you consider the shockingly high statistic from the introduction.

Consider this: 94% of malware is delivered through email, and over 80% of security incidents are phishing attacks. Both of these security breaches are easily avoidable if your employees know what to look for.

So the best way to upgrade your cybersecurity for business is to educate your workforce. If you don't already have one, consider hiring a chief security officer (CSO) to provide regular training and education for your business.

If your workforce is operating remotely, video conference calls should help you ease the training process. You can run various competency or check-in tests to ensure that your employees understand the value of being prepared for a cyber breach.

Cybersecurity for Video Meetings

On that note, your business has probably seen a dramatic increase in the usage of video meetings or video conferences. Your workplace can take a few steps to make sure that all meetings are as secure as possible.

Firstly, always opt for password-protected meetings instead of public ones. Only share the passwords with relevant people and ensure that these login details aren't physically written down anywhere.

For example, a hacker could obtain a Zoom meeting password through a selfie on social media where an employee has the password written down on a Post-It that's stuck to their desk. Such an incident happened in November when a Dutch journalist gatecrashed a confidential video conference between EU defense ministers.

Secure Web Browsers

It's almost guaranteed that your employees will need to use web browsers to conduct work and search for personal reasons when off the clock.

Most ads served by websites are benign and annoying at most. But others can be filled with malware, and you don't want your employees to take any chances.

Make sure both you and your employees use good-quality ad blockers. Having a good antivirus program with endpoint security can help significantly as well.

Patch All Your Systems

Patches are released to plug up any vulnerabilities found in systems. The longer you wait to install these patches, the more at risk your business is for a security breach.

It might be tempting to keep postponing patches for weeks at a time since they're inconvenient. But considering that unpatched vulnerabilities cause 33% of breaches, you and your employees must install these as soon as possible.

If you have systems that can't be patched, make sure you isolate them. Doing so ensures that if they do become infected, the malware won't spread throughout your network.

Be Diligent in Monitoring Your Systems

Today, there are more sinister threats at play that aren't as obvious, such as zero-day threats. These are essentially vulnerabilities only cybercriminals know about, which means they're able to run rampant with attacks without you knowing or having a solution (otherwise, a patch).

A way to fight against zero-day threats is to diligently monitor your systems for any unusual behavior. Once you detect any, you can preemptively block actions before they can even take place.

Perform Penetration Tests

Hackers usually find their way into networks by exploiting exposed ports. For example, once the pandemic started and more people started working at home, attacks on Remote Desktop Protocol (RDP) servers tripled in March and April.

To combat this, you need to close any ports that aren't in use. The fewer potential targets cybercriminals have, the lower the chance of them being able to exploit them.

In addition, it's good practice to have a robust firewall. Doing so enables you to both monitor and filter port traffic, which can stop hackers in their tracks.

It would help if you also ran regular port scans and penetration tests. This ensures that you're vigilant about any vulnerabilities.

Have a Business Continuity Plan

Despite all your best efforts, it may be inevitable that a cyberattack is successful. And all it takes is one for your company to suffer greatly. On average, they cost businesses $200,000, which causes 60% of victims to go out of business within half a year.

Having a business continuity plan in place can save your company's reputation. This plan can help you prepare for the worst, so recovery is swift and as painless as possible.

The great thing about a business continuity plan is that it protects against cyberattacks and reduces downtime caused by natural disasters. Implementing a business continuity strategy ensures that you're covered from all angles so that no matter what happens, you can get up and running again in no time, with as little data loss as possible.

Use This Cybersecurity Checklist as a Starting Point

With this article, you'll have a great start when it comes to a cybersecurity checklist for the new norm. However, this isn't a comprehensive list at all.

If you'd like to maximize your company's cybersecurity in COVID-19 times, then make sure you download our cybersecurity checklist. This will provide you with even more guidance on safeguarding your data from bad actors.

Would you like more assistance with business continuity? Then get in touch with us today. We'll be ready to help you get peace of mind.

Cybersecurity Tips for When You're Working from Home

Here are some tips to make sure you’re practicing good cyber-hygiene while working from your home office.