Cyber attacks continue to increase in both frequency and intensity, and most large organizations say they have been the victim of at least one cybersecurity incident, or that they expect to be. Despite that, many organizations continue to pay only lip service to strong cybersecurity defense, and many others overlook even basic security measures.

With that in mind, here are tips for preventing attacks in the first place, and for what to do after an attack occurs.

Offensive Strategies: Preventing Attacks

Be proactive with employees. Train employees on their responsibilities with regard to data protection. Put your security policy in writing and communicate it to your entire staff.

Regularly update passwords. Passwords should use a strong mix of characters (letters, numbers, and symbols) and be updated at least twice a year.

Encrypt your data. If important data is easy to access, chances are it will be stolen. Keep critical and sensitive data encrypted.

Have a firewall in place. Firewalls are designed to prevent unauthorized access to or from private networks. Ensure you have one in place -- and test it.

Secure your data comprehensively. Utilize anti-virus protection as a basic security layer. Even if your systems include a built-in firewall, consider incorporating an additional layer of protection.

Have a solid backup with off-site replication. Backup your data regularly. Storing data off-site allows you to minimize the scrambling to retrieve your data should a breach occur.

Defensive Strategies: What to Do After an Attack

Secure your systems. Contain the breach by securing all IT systems. Minimize the impact of data loss to minimize financial loss.

Assess the impact on your organization. Determine the underlying issue and how it might affect your business before moving forward.

Set goals for recovery. Create a plan to restore your systems. Determine how long the recovery process might take, and prioritize tasks accordingly.

Manage your PR. If a breach becomes public, be timely, accurate, and honest in messages given to affected parties.

Address legal and regulatory requirements. In certain cases, legislation contains regulatory requirements in the event of a breach (e.g., HIPAA and PCI compliance). Know whether you're held to those requirements and, if so, who you need to notify.

Self-assess. When systems are recovered, evaluate your team's actions and determine what went well, and what could have been done differently.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access

Michael Lewis

Michael Lewis

Michael Lewis is chief information officer at Copper State, where he provides virtual IT leadership services to clients.