The increasing pace of the possibilities provided by internet services has become an aide for businesses and opportunities to maximize the use of the internet. Our assets rely heavily on the use of the internet, the same field where hackers and cyber criminals rely on to enact their illicit deeds. As convenient and helpful the internet has been to each individual, we do not realize the implications of a cyber attack unless we’ve been struck by one. The implications and consequences of poorly implemented systems and the ignorance of understanding the risks posed on your assets can lead to immense financial/ reputation loss.
Here are some tips that can help you prepare, prevent and at the very least, minimize the loss during a cyber attack
1. Eliminate the risks
– Putting your digital assets online increases the risk. Never deploy any online system and website without assigning a team to maintain and secure it. Conduct yearly risk assessments as knowing and understanding the risks will help your organization eliminate it.
2. Patch Management of digital assets
– Assign a technical personnel to do the inventory of your digital assets, monitor software updates, and apply the patch to your operating systems, hardware and software. Assign the person also to be the point of contact during cyberattacks.
3. Invest in Cybersecurity Solutions
– Technology alone cannot effectively prevent cyberattacks. However, organizations should have the basic line of defense in place for their hardware and software. Invest in anti-virus solutions, anti-phishing for email apps, and web application firewall.
4. Job specific awareness and training for employees
– The level of awareness and trainings on cybersecurity for different job functions in an organization is highly recommended. The trainings needed for network and web administrators are different from human resource, communications, policy makers, and other employees.
5. Third Party Capabilities and Support
– When outsourcing your services and other digital assets such as internal systems, web applications, servers, backup and other business requirements, make sure to review their cybersecurity support. Knowing your providers and vendors cybersecurity capabilities and support is a must in this era.
6. Utilize free or affordable protection solution on the web
– Install SSL on your digital assets to secure connectivity. Use anti-ddos protection to mitigate denial-of-service attacks on your websites and malware scanners to mitigate the risks of malware infecting your website’s visitors/viewers.
7. Define Procedures
– In the midst of cyber attacks, you will be wasting precious time if you do not have procedures in place to minimize the damage. Establish procedures and actions to be taken and identify the priorities during an attack. Maintain an updated list of who to contact (your ISP, law enforcement agencies, third party providers, etc.).
Report an incident by contacting:
Philippines National CERT
Call: 920-0101 local 1708 and 1002.
SMS: 0916 489 4613
Social Media: fb.com/ncertgovph
Always have these infos at hand for faster coordination. Have them printed. In case you can’t reach out to us thru one channel, reach out to us thru another channel. Follow up if you must.