In today’s digital era, businesses rely heavily on technology and online systems. To help safeguard against cyber threats and ensure business continuity, maintaining basic cyber hygiene is imperative. Adhering to basic security hygiene can protect against 98% of attacks.1
Here are five key standards every organization should adopt:
- Require phishing-resistant multifactor authentication (MFA):
- Enable MFA to help prevent 99.9% of attacks on your accounts.2
- Opt for MFA options with minimal user friction, like biometrics or FIDO2 compliant factors such as Feitan or Yubico security keys.
- Use conditional access policies and single sign-on (SSO) to streamline the user experience.
- Apply Zero Trust principles:
- Implement a Zero Trust approach to security, verifying every transaction, asserting least-privilege access, and relying on intelligence, advance detection, and real-time response to threats.
- Use modern anti-malware:
- Deploy extended detection and response and anti-malware solutions to help detect threats, automatically block attacks, and provide actionable insights.
- Leverage security automation and orchestration to streamline threat detection and response.
- Keep systems up to date:
- Unpatched and out of date systems can lead to increased risk. Regularly update firmware, operating systems, and applications to reduce vulnerabilities.
- Protect data:
- Understand your data landscape, label and classify sensitive data, and establish access controls.
- Address insider risks using the right people, processes, training, and tools to help take into account user context around data.
- Ensure the proper access controls are in place to help prevent data loss while managing data throughout its lifecycle.
In today’s threat environment, meeting the minimum standards for cybersecurity hygiene is essential and these five pillars can help offer strong protection and reduce risk.