2015 is coming to an end. And while the year is winding down, it would be a mistake to think that hackers will ease up in observance of the holidays.
In fact, with the bustle of the holiday season in full swing, cyber criminals are ready to pounce. There are the droves of shoppers, both in stores and online, with credit card numbers to plunder. And there are other, less obvious considerations, such as open enrollments for health plans and an uptick in banking transactions.
However, with a lot of employees taking time off for the holidays, now is a good time for your organization’s IT department to work on some cyber security house cleaning. With that in mind, let’s take a look at three security measures your organization can do to improve its security posture before the New Year.
1. Conduct a threat assessment.
Budget preparation is likely on the horizon, so it’s a good time to take a step back and be sure your security spend is lined up with your actual threat landscape. For example, if your company is handling lots of personally identifiable information (PII), it may be necessary to increase your focus on data protection. If you have highly sensitive trade secrets that should require limited access, you might want to improve your authentication structure.
2. Test your disaster recovery plan.
It can be difficult to schedule disaster recovery testing due to the disruptions it can cause for employees. But with the office significantly thinned out at the end of year, now is the time to test out your plan. Efficiency in recovery could potentially save your organization millions after an incident, so testing your plan is essential.
Like recovery planning tests, many companies find it difficult to find an appropriate time to work pentesting into their cyber security analysis. By its nature, the practice can require some disruptions to an organization’s regular daily routines. Yet pentesting is a critical part of threat analysis, as it goes beyond vulnerability scanning to find real-world vulnerabilities that may otherwise remain hidden. Bringing pentesters in at the end of the year can minimize disruptions and give you cyber intelligence you will need going in to 2016.
If your organization needs assistance preparing for a secure 2016, Lunarline provides a full suite of security services, including recovery planning, threat assessment and penetration testing. To learn more visit lunarline.com or contact us for a consultation.