With a large surge in ransomware related attacks being targeted towards small businesses many CEOs have had to come to the same conclusion the hard way; if your business has any dealings on the internet then you are vulnerable to an attack.
It's good to see cyber security taking a heightened priority in many companies overall infrastructure, however even with sophisticated IT security protocols and well crafted plans it is still recommended that you invest in some form of external penetration / spear phishing testing.
Companies who are not acting proactively in this relatively new state of cyber emergency will be much more likely to suffer from major financial losses and data breaches. Here are some of our top recommendations for a safer digital environment for your company.
1. Develop an incident response plan
Ensure points of contact are included
Constantly update the plan
2. Application whitelisting
3. Establish foundational relationships with key incident responders
Breach counsel
Forensic provider
General public relations
4. Test your plan
Like all emergency procedures, your plan should be practiced
Tabletop exercises
5. Conduct quarterly penetration tests
External pen tests and spear fishing attacks are crucial to verifying the effectiveness of your plan