For decades, the cyber-world has been free of major regulations or investigations, allowing cybercrime to thrive. President Biden’s new executive order on cyber-security is a crucial directive for enhancing our nation’s cyber-security posture.
Recent cyber-attacks on large, mid-size and small businesses, as well as federal agencies, have sparked a critical need to strengthen collaboration between the public and private sectors in defining and implementing modern cyber-security practices, secure software development, improved threat detection, effective incident response and cyber-security intelligence information sharing.
From individuals using their personal computers and small-business owners to corporations, everyone relies on technology and uses it on a daily basis. This puts every single person at risk of cyber-attacks. A major cyber-attack can be the downfall of any one business. However, implementing policies and controls that protect against cyber-attacks can help individuals trust the use of technology by making them feel safer and protected. This will help not only big corporations, but also small businesses that are struggling with this rapidly evolving environment.
It is incredibly important for all sectors to consider this; cyber-attacks show up differently, but they appear everywhere there’s a connection to the internet and email. Whether you work in academia or in city hall, it’s important to recognize patterns and be prepared to act appropriately.
We believe this executive order is a great step towards regulating and confronting the dangers in the cyber-world. We foresee that Biden’s Cyber-Security Executive Order will accelerate the execution of federal, state and industry regulations of cyber-security frameworks that private or public sectors must adhere to and fully implement to improve our nation’s cyber-security posture, reducing the risk of cyber-attacks and minimizing cyber-incidents.
In reference to the upcoming regulations, the Empowered IT Solutions team strongly supports the need to improve three main aspects of a cyber-security posture: Technology, People and Policies.
Keep in mind that a hacker just needs to be successful once, but we must be successful every time, all the time!
Technology.
Most of the focus is in this area. From the individual to the large enterprise, protection systems are put in place, from the basic (like anti-virus or Endpoint Detection & Response (EDR)) to the most complex and expensive (like network and event monitoring with Backup & Disaster Recovery systems). For this, people will need to review their current systems and upgrade them in accordance with the new regulatory controls.
People.
People are sometimes recognized as “the weakest link in a chain,” since statistics show more than 80% of attacks are successful due to a human factor. It can be as simple as someone clicking on the wrong link or opening an attachment from an email, or an employee intentionally opening the door to a hacker. Organizations, both public and private, need to invest in their most important asset: people. Everyone must be trained on how to identify cyber-attacks (like phishing emails) and how to respond appropriately. Raising awareness about the importance of being active in cyber-security practices will be important for compliance with the regulations as well as crucial for business survival. All businesses need to take cyber-security seriously and commit themselves to a culture of “Security-First”.
Before, cyber-security was just the responsibility of the IT department, but today, it must be the responsibility of everybody in the organization. When everyone works together, an organization’s cyber-security posture is at its strongest.
Policies.
This is another very important part of being compliant with current and future regulations. Policies tie together the previous two pieces (technology + people) and help align the organization. As the definition of policy states, it is a strategic direction for the organization as decided by senior management. Policy is the best way to show the organization how serious cyber-security is. An example of a key policy is an Incident Response Policy, which guides individuals on how to respond to critical system problems in case of a security incident that could impact the organization, customers, vendors, or data. Some of the key components of this policy are:
- creation of an incident response team,
- how the incident will be reported (for example, when and who within the incident response team will notify the insurance provider and/or authorities),
- definition of the incident severity,
- what actions must be triggered (for example, identification, containment, remediation, recovery, and debrief).
Empowered IT Solutions’ advice for all types and sizes of organizations is to start with a security assessment to learn their risk level.
Know your vulnerabilities, so you can define a plan according to the security profile you want and the level of risk your business operation can undertake. We can walk you step-by-step through this by assessing your current position, mapping your risk, and implementing the solutions according to the security maturity level you would like to adopt.