In 2020, many American businesses made changes that opened up unmatched opportunities for cybercriminals.

Recent trends and cybersecurity statistics reveal an increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and smart devices. These devices have quickly become integral to the connectivity and productivity of remote staff and are easier to access than ever before. This access, combined with poor cybersecurity practices, have led to data loss and breaches that cost companies an average of $3.92 million per incident.

The increase of large-scale, well-publicized breaches suggests that not only are the number of security breaches going up — they’re increasing in severity. Recently, we saw just how large and severe the scale of these breaches have become with the catastrophic SolarWinds hack. The vast majority of Fortune 500 companies and government agencies have been affected, including the U.S. Department of Defense, NASA, Microsoft, and Visa and Mastercard.

Data breaches like this almost always expose sensitive information, putting staff and customers at risk for identity theft, and leaving the company liable for a myriad of compliance violations.

Start 2021 Off on the Right Foot With These Key Cybersecurity Tips

At Medicine Bow Technologies, we believe that cybersecurity is a team effort. All the tools and tricks in the book won’t do any good if the people using your system aren’t following cybersecurity best practices.

To ensure you’re starting 2021 on the right foot, we want to share some of our cybersecurity tips for the new year, and how you can use them to construct a robust cybersecurity strategy for your company.

Vulnerability Scanning

Vulnerability scanning should be a vital part of your cybersecurity strategy. Vulnerability scanning is an automated process in which we look for vulnerabilities in your network. Basically, when we do a Vulnerability Scan we look for things inside the network like missing security updates, blank or weak passwords, firewalls turned off, etc., and we pretend to be hackers looking in from the outside to see what we can find. The scanning process includes finding weaknesses in networks, equipment, and computers. In addition to identifying security holes, the vulnerability scans also predict how effective your security is against hackers. Vulnerability scans should be done yearly with discovered vulnerabilities cleaned up and revised by IT support.

Risk Assessment

A risk assessment is a process to identify potential hazards and analyze what could happen if a hazard occurs. Simply put, We ask questions about how you do things and show you how that compares to best practices. Risk assessment serves many purposes for an organization, including reducing operational risks, improving safety performance and achieving objectives. A NIST based risk assessments that evaluates IT policies and procedures and compares them against industry best practices will elevate an organization’s IT maturity level and insure basic operational standards are being met.

Risk assessments involve a detailed look into what could possibly happen in the event of an internal problem, breakdown, or even a natural disaster. Risk assessments should be done by all organizations at least annually.

Multi-Factor Authentication

We see every day that passwords alone are totally inadequate as a mechanism for securing access to critical information. Best practices today require not only a password that is known by the user, but some sort of second hand verification, such as an app. Multi-Factor Authentication (MFA), also referred to as two-factor authentication, is a security tool that asks you to present two pieces of evidence – your credentials – when logging in to an account. MFA should be considered mandatory and for network access and all applications where it is supported.

Dark Web Monitoring

Despite all of their best efforts, sometimes companies become victims of a breach or a hack through no fault of their own. For example, many high-profile companies such as, Experian, Target, and Yahoo have been hacked exposing their user’s credentials. That’s where services like dark web monitoring come in handy. It takes most companies an average of 206 days to find out they have had a breach in their system. That’s almost 6 months! By implementing dark web monitoring, you can get an alert as soon as any personal or company information is found online, allowing you to take immediate action to secure your data.

In 2021, existing TMS and PA Medicine Bow clients will receive Dark Web Monitoring as a service through Medicine Bow Technologies. We utilize Dark Web monitoring to give your company a heads up if your business name, company email addresses, or any other pertinent information is found on the dark web.

Cybersecurity Training for Employees

When it comes to your cybersecurity, there’s no such thing as being over-prepared, and education is the key to success. 43% of employees lack regular training on cybersecurity, but research shows that security-related risks are reduced by 70% when businesses invest in cybersecurity training and awareness. Frequent reminders about security risks and how to mitigate them will help keep network security top of mind for your employees. Organizations that work cybersecurity updates into mandatory meetings and allow for cybersecurity training to help communicate their importance generally see a sizeable return on their investment.

Medicine Bow provides many forms of cybersecurity training for companies and employees. We offer everything from in-house or online virtual training sessions to simulated attacks for companies that want to be proactive about cybersecurity training for employees. Our ethical phishing ‘attacks’ come in the form of an email. Once clicked, the user is engaged in a web based training session prescribed based on the trick used to get the user to click. Training progress can be tracked and reported to the company. It’s a great way to show employees just how insidious these innocent-looking emails can be.

In addition to educating employees on phishing and other potential cyberattacks they could face, our experts educate employees on cybersecurity best practices and topics like password protection, phishing attempts, and cyber hygiene.

Ultimately, educating employees about how to avoid major security risks is possibly the greatest weapon you have in combating cybercrime.

How Medicine Bow Can Help

The best way to overcome cybersecurity challenges in 2021 is to enlist the help of a managed IT provider that’s always up to date on the latest trends and understands the latest threats.  At Medicine Bow Technologies, our job is to make your systems as secure as possible, so you can focus on driving your business goals and growing your business.

When you work with Medicine Bow, you get monitoring and attention 24/7/365. Our goal is to ensure maximum system and computer uptime. You can trust our managed services and cybersecurity solutions to protect your business and increase the productivity of your staff while protecting your most valuable systems.
Let us help you increase your security for the new year. Get in touch today to talk to an expert about how Medicine Bow can help you and your company.

Elmer Robinson, Cybersecurity Director, MBT
Elmer Robinson, Cybersecurity Director, MBT