Our thoughts are with the people of Ukraine following Russia’s attack on their country. With the world on heightened alert, the UK’s National Cyber Security Centre is urging organisations to take steps to improve their resilience. While there is currently no evidence of specific threats to organisations in the Channel Islands, we are advising our clients to be prepared for an increase in malicious cyber activity and working with them to ensure they have the right security in place.
The most important thing is to make sure the fundamentals of cyber security are in place to protect devices, networks and systems. Here’s our 9 point guide to ensure your cyber hygiene basics are in place.
1. Check your system patching
- Ensure users’ desktops, laptops and mobile devices are patched.
- Check firmware on devices is also patched.
- Ensure internet-facing services are patched for know vulnerabilities.
- Ensure key business systems are patched or vulnerabilities mitigated.
2. Verify access controls
- Ask staff to ensure passwords are unique to your business systems.
- Make sure passwords are strong, unique & changed immediately if not.
- Review user accounts & remove any old or unused accounts.
- Check Multi Factor Authentication configuration – this is possibly any organisation’s greatest aid.
3. Ensure defences are working
- Ensure anti virus software is installed and regularly confirm it is updated.
- Check firewall rules are as expected.
- Ensure secure configuration of common desktops, laptops and mobile devices
4. Logging and Monitoring
- Understand what logging you have in place, where they are stored and how long they are retained for.
- Monitor key logs and antivirus logs.
- Ensure logs are kept for at least a month.
5. Review your backups
- Confirm backups are running correctly.
- Perform restoration tests.
- Check there is an online copy of your backup and that it is recent to prevent loss of data.
- Ensure machine state and any critical external credential such as private keys and access tokens are backed up.
6. Incident Plan
- Check your incident response plan is up to date.
- Confirm escalation routes and contact details are up to date.
- Ensure you know who has authority to make key decisions.
- Ensure your plan and communications tools are available even if your systems are not
7. Check your internet footprint
- Check records of your external internet facing footprint are correct & up to date.
- Check IP addresses and domain names that belong to you.
- Perform a vulnerability scan of your internet footprint and patching is up to date.
8. Phishing response
- Ensure staff know how to identify phishing emails.
- Ensure staff know how to report phishing emails.
- Ensure you have a process in place to deal with reported emails.
9. Third party access
- Ensure you understand what access third parties have to your network.
- Remove any access no longer required.
- Ensure you understand the security your third parties have in place.
If this crisis has prompted you to make sure your security is up to date or to find an appropriate solution for your business, with our partners Tessian for human layer security, Arctic Wolf for security operations and Knowbe4 for security awareness training, we can ensure you are fully prepared.