Deciding how to prioritize cybersecurity needs can be confusing and time-consuming, complicated by constantly emerging cyber threats. The eight efforts below represent the highest impact low-hanging fruit for any cybersecurity plan.

While no single mitigation strategy guarantees security, a layered approach that implements the following eight essential mitigation strategies builds a much stronger security posture that protects your organization by making it much more difficult to compromise. Implementing the Essential Eight proactively is more cost-effective in terms of time, money and effort than having to respond to a large-scale cyber security incident.

Drill down into the cybersecurity threat overload and focus on these eight manageable strategies.

Prevent Malware Delivery and Execution

  • Application Allow List: prevent the execution of non-approved applications especially those known to be problematic (ex. executables, scripts, and installers) with granular allow lists and deny lists.
  • Patch Applications: Applications that include potentially malicious avenues like Flash and Java should be updated and patched in a timely matter.
  • Configure Microsoft Office Macro Settings: Macros should be blocked from internet access and make sure any macros in use are vetted and reconciled to trusted areas.
  • User Application Hardening: Configure web browsers to block Flash, ads and Java on the internet.

Limit Extent of Cybersecurity Incidents

  • Restrict Administrative Privileges: Restrict privileges based on a least privilege model. Administrators should only have access and authorization based on their responsibilities.
  • Multi-Factor Authentication: MFA for VPN, RDP, SSH and any user accessing privileged information is business critical.
  • Patch Operating Systems: Patch computers with “extreme risk” vulnerabilities within 48 hours. Whenever possible only allow the latest operating system.

Mitigation Strategies for Data Loss & Availability

  • Daily Backups: On a daily basis, do a delta sync of data that is new or changed and back it up. Keep the data for 3 months. Test the backup.

If you’re reading this list and starting to feel a bit overwhelmed, BPI helps address these strategies. Being able to design a comprehensive Information Security and Disaster Recovery plan and achieve these cybersecurity goals through IT management is a highly valuable single solution we think your organization will love. Begin the discussion today at (248) 357-3980.