We have received several queries about what should be done in light of the increased risks of cybersecurity attacks given the events unfolding in Ukraine. To date we have not seen any new attacks on businesses in Canada that are related, but we know that these are going on in other parts of the world. As of now the best thing to do is to assess your degree of risk and then decide what action, if any, is necessary. Obviously Ukraine and NATO countries would be at the highest risk (including Canada). I would say these sectors are more at risk than other sectors: Government and Government Agencies, Finance and Energy sectors.

For all companies you need to take the standard precautions:

1) Be vigilant with your email. Do not open attachments you are not expecting. Do not click on links that look "weird". Do not succumb to requests to enter or renew passwords.
2) Train your staff by running "fake" phishing email attacks to see how your staff responds.
3) Get training for your staff if you think that is needed.
4) Do not give out, on Facebook, private information that you may use elsewhere to answer security questions, such as "What was the first car you drove?". These types of questions are often designed to gather personal information about you.
5) Have MFA (multifactor authentication), also known as 2FA, on all email and sites you log in to.
6) If you are still on POP or IMAP email, move to MS 365 email.
7) Get a proper spam filter on your email.
8) Monitor your email for logins from countries outside of Canada.
9) Use encrypted email for confidential information.
10) Have a proper firewall in the office.
11) Make sure Windows security patches are kept up to date.
12) Make sure you have a proper Anti-Virus.
13) Make sure your computer is monitored in the event of your Anti-Virus detecting an issue.
14) Have a proper (monitored) backup (not a security measure, but it can help you recover if there is a breach).

Remember security is a matter of layers – the more layers you have the more secure you will be.

If you are in a high risk area you may also want to add a SIEM (Security Information and Event Management) program. It detects any attempts at intrusion, often blocks such attempts and, in the event of a successful intrusion, would shut things down to mitigate the damage. It would also be able to identify what files were accessed and what files were compromised. The SIEM is monitored 24/7 by a Security Operations Center (SOC). The SOC, staffed by live people 24/7, monitors attacks all over the world.
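As an added example for precaution 8 (not code from the original post), the following script reviews exported MS 365 sign-in records and separates successful sign-ins from outside Canada from failed attempts. The field names follow the Microsoft Graph signIn resource; the sample records, the accounts and the allowed-country set are constructed assumptions.

```python
from collections import defaultdict

ALLOWED_COUNTRIES = {"CA"}  # assumption: all staff normally sign in from Canada

def rec(when, user, ip, country, error_code):
    """Build a constructed record using Microsoft Graph signIn field names."""
    return {"createdDateTime": when, "userPrincipalName": user, "ipAddress": ip,
            "location": {"countryOrRegion": country},
            "status": {"errorCode": error_code}}  # errorCode 0 = success

# Constructed sample data (documentation IP ranges, example.com accounts).
SAMPLE_SIGN_INS = [
    rec("2024-01-15T13:02:11Z", "alice@example.com", "198.51.100.10", "CA", 0),
    rec("2024-01-15T13:40:57Z", "alice@example.com", "203.0.113.77", "NL", 0),
    rec("2024-01-15T14:05:03Z", "bob@example.com", "192.0.2.45", "RO", 50126),
    rec("2024-01-15T14:05:09Z", "bob@example.com", "192.0.2.45", "RO", 50126),
    rec("2024-01-15T15:21:30Z", "carol@example.com", "203.0.113.9", None, 0),
]

def review_sign_ins(records, allowed=ALLOWED_COUNTRIES):
    """Split sign-ins from outside `allowed` into successes and failure counts.

    Returns (alerts, failed): alerts lists successful foreign sign-ins, which
    need immediate follow-up; failed counts rejected attempts per account.
    A record with no country is treated as foreign rather than skipped.
    """
    alerts, failed = [], defaultdict(int)
    for r in records:
        country = ((r.get("location") or {}).get("countryOrRegion") or "").upper()
        if country in allowed:
            continue
        user = r.get("userPrincipalName") or "unknown"
        if (r.get("status") or {}).get("errorCode") == 0:
            alerts.append({"user": user, "country": country or "unknown",
                           "ip": r.get("ipAddress"), "when": r.get("createdDateTime")})
        else:
            failed[user] += 1
    return alerts, dict(failed)

if __name__ == "__main__":
    alerts, failed = review_sign_ins(SAMPLE_SIGN_INS)
    for a in alerts:
        print(f"ALERT {a['when']} {a['user']} signed in from {a['country']} ({a['ip']})")
    for user, n in failed.items():
        print(f"INFO  {n} failed sign-in(s) for {user} from outside allowed countries")
```

A successful sign-in from outside the allowed set is the case to act on first (reset the password, revoke sessions, confirm MFA is enforced); repeated failures show the account is being targeted but the credentials held.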