When keeping your systems secure, its just not possible to rely on a passive “set and forget” approach to putting cybersecurity measures in place.
Hackers and cybercriminals often rely on known exploits – vulnerabilities that may have been identified and resolved already by the software (or hardware) provider. These fixes are then made available as updates to the software, patches or “hot fixes”, or as recommended changes to system settings.
Although a lot of applications auto-update to mitigate this issue, it’s not enough to rely on this feature.
Not all vulnerable software will auto-update, some are regional issues that require manual selection, some updates may fail and others may have further consequences that need consideration. There is also the human factor, whereby users may disable or postpone updates that then present a critical security risk to your business.
Monitoring and securing all vulnerable areas should be done regularly and systematically to ensure the best possible protection.
Similarly backups are often not considered until they are needed, but they are often just automated without a second thought, or worse, a task relying on swapping outdated and untested tapes or removable media.
Backups are often your last line of defence against corruption or ransomware and as such they should be monitored and test restored regularly.
A structured plan, incorporating all of the elements listed here and below should be tailored to mitigate any cyber threat before it can harm your business.