Expert Panel | Forbes.com »
Unfortunately, times of crisis can bring out the worst of bad actors. Hackers and data thieves will take advantage of the turmoil and distraction and target anyone they deem vulnerable — whether that’s large corporations or small startups. Every business needs to operate under the idea that they could be the next to be attacked and set up security measures that protect organizational and customer data.
To safeguard your network and digital devices from bad actors, it’s essential to implement the latest strategies against hacking. Below, 11 tech experts from Forbes Technology Council share their advice to help you keep hackers at bay.
1. Leverage AI solutions.
Everything we do as a company is accomplished as a team, and so are our cybersecurity defenses. Our company uses a security solution that leverages AI to help our employees identify threats more quickly. This solution, powered through machine learning over time, improves our security posture, even as the threat landscape changes. Even as threats evolve, so do our security defenses. – Mike Murphy, Mercury Managed Services
2. Train end users on strong cyber habits.
The reason threat actors love crises is that they know that during stressful times people are more likely to fall for social engineering attacks and make mistakes. Knowing this, the most important strategy becomes obvious: training end-users to adopt strong cyber hygiene habits — in both times of crisis and normalcy — so they don’t fall for these attacks. – Kevin Lynch, Optiv
3. Look ahead for potential security threats.
Businesses must give teams time to predict future attacks. Whether it’s an event like the availability of Covid-19 vaccines or a new breach in which machine identities were found and stolen on sites popular with developers, businesses can predict the next attack. Senior leadership must give security teams breathing room to look to the future. It will pay off by reducing the risk of attacks to come. – Kevin Bocek, Venafi
4. Pay attention to the risks that come from remote and hybrid working arrangements.
The current crisis has led to a greater occurrence of hybrid working — people are connecting and working from home. Combine this way of working with a heightened tempo of cyberattacks, and there has never been a greater need to pay attention to encryption, key management, access management and cybersecurity monitoring. Implementing these strategies ensures that businesses can protect data at all times and against all ways of working. – Alex Cresswell, Thales Group
5. Implement behavioral-based authentication.
Since users are the most porous of your security perimeters, you should implement continuous behavioral-based authentication. This is how organizations can make the user authentication process more secure while reducing friction. Talk about a win-win! – Saryu Nayyar, Gurucul
6. Adopt Zero Trust.
Organizations must assume that a security lapse will be exploited. We must practice and implement a Zero Trust approach that assumes that every user is a threat. Everyone must be verified before they are trusted and can access any sort of sensitive data. Given the reliance on remote work and an increase in volume and sophistication of cyberthreats, this shift in security mindset is imperative. – Ameesh Divatia, Baffle, Inc.
7. Lean on cloud technology.
Reduce the surface area as much as possible by leaning on cloud technology for as much of your tooling as possible. Move to Google Workspace or Microsoft 365, and make sure to have the security configuration properly set. Email is still the No. 1 threat matrix, and that’s driven by social engineering as much as technical wizardry. Train everyone on security awareness. We use Terranova, and it’s wonderful. – Tony Safoian, SADA Systems
8. Use two-factor authentication.
One of the easiest ways to prevent cyberattacks is to encourage your employees and visitors to use two-factor authentication. If people need to take multiple steps such as checking their phone or email before signing in, there’s a significantly smaller chance of a security breach. – Thomas Griffin, OptinMonster
9. Think like a hacker.
There are many ways to exploit the vulnerabilities of a company — too many for companies to protect against all exploits. But by thinking like a hacker and looking at security from their angle, a different type of security prioritization can emerge and organizations can more robustly defend themselves. – Juliette Rizkallah, SailPoint
10. Think in terms of before, during and after.
Society runs on trust, and that isn’t going to change. Bad actors will exploit crises, but your defensive playbook always has the same three components: educate users, build a resilient network and plan how you will bounce back — because some attacks are going to work. Think about it as before, during and after — it’s essential to address all three phases. – Mike Lloyd, RedSeal
11. Set up flagging procedures, and test awareness.
Bad actors prey on human error. As cybersecurity technology becomes more sophisticated, the attack vector is shifting toward social engineering and psychology. Educate and set up procedures to encourage flagging any suspicious activity in emails, Slack contacts, phone calls and so on. Organize one or two internal cyber provocations, openly discuss any mistakes made and conclude with a set of lessons learned. – Pawel Rzeszucinski, Codewise
Guard Against Hackers
Guard Against Hackers
Guard Against Hackers