Frequently Asked Questions

  • Website security is imperative to help protect sensitive information from bad actors. Unprotected websites will most likely experience website defacement, lost of availability, or an attacker taking complete control of the website. These threats can severely damage the reputation of the website and the organization. In many cases, the organization can experience a loss of revenue due to having a poor security reputation. Here are several common tasks to properly protect websites:

    • Securing domain ecosystems by reviewing Domain Name System (DNS) records, changing all default passwords, enforcing multi-factor authentication (MFA), and monitoring certificate transparency logs.

    • Securing user accounts by enforcing MFA on all internet-accessible accounts, implementing the principle of least privilege, disabling unnecessary accounts and privileges, and changing default usernames and passwords.

    • Scanning for and remediating critical and high vulnerabilities by patching all critical and high vulnerabilities within 15 and 30 days on all systems, scanning for configuration vulnerabilities for software vulnerabilities, replacing unsupported operating systems, applications, and hardware, and providing reports to management and C-level members.

    • Securing data in transit by disabling Hypertext Transfer Protocol (HTTP), enforcing Hypertext Transfer Protocol Secure (HTTPS) and HTTP Strict Security (HSTS), and disabling weak ciphers.

    • Backing up data by employing a backup solution that will continuously back up all critical data and configurations from the website in conjunction with securely storing the backup data and performing regularly tests.

    • Securing web applications by identifying and remediating the top 10 most critical web application security risks (i.e., OWASP) and then moving on to the other less critical vulnerabilities, enabling logs and regularly auditing website logs to detect security events or improper access, and implementing MFA for user logins to web applications and the underlying website infrastructure.

    • Securing web servers by using checklists, using applications that allow listing and disabling modules or features that provide capabilities that are not necessary for business needs, implementing network segmentation and segregation, and knowing where the devices (e.g., laptops, tablets, and mobile phones) are.

  • • Network security is essential to help reduce the risk of falling victim to data theft and sabotage from bad actors. The disadvantages of unsecured networks include harmful spyware on workstations, unmanaged/untrusted workstations, and unsecured shared data. The advantages of securing networks include gaining and maintaining clients’ trust and following cybersecurity standards. Here are common tasks of properly securing networks:

    • Administering, troubleshooting, and managing hardware, software, and/or services.

    • Evaluating problems and monitoring networks to ensure availability to users.

    • Designing and assessing network requirements.

    • Planning, implementing, and coordinating network security measures by installing security software and potential breaches.

    • Performing vulnerability analysis and penetration testing to check for vulnerabilities and sensitive information shared with the public.

    • Assisting a compliance team with their security policies and procedures.

  • The importance of WiFi security is to protect devices (e.g., routers, switches, and access points) and networks connected in a wireless environment against bad actors. Unsecured WiFi connections allow bad actors to spy on anyone connected to the network. These bad actors may have access to identifications, passwords, and other sensitive data without having the organization aware of it. It also allows them the ability to install malware on any device, which can result in many common cyberattacks such as ransomware, phishing, DDoS, etc. Here are common effective tasks to improve WiFi security:

    • Changing default passwords for network devices.

    • Incorporating a MAC address whitelist for added WiFi security.

    • Encrypting WiFi networks and devices with strong WPA passwords.

    • Using Virtual Private Networks (VPNs) while on untrusted networks.

    • Providing cybersecurity awareness training to all users such as using public WiFi (i.e., coffee shops, shopping malls, etc.) phishing, spear phishing, and spoofing.

  • Protecting against Social Engineering

    • The importance of protecting against social engineering is to avoid exposing sensitive information from an organization to a potential bad actor. Social engineering is a method bad actors use to manipulate users to divulge sensitive information such as credit card information, social security numbers, and medical record numbers. It is one of the most simple, effective methods because bad actors interact with a human – not a machine. A machine is built with security and it is consistently updated to ensure vulnerabilities are patched and defenses are up-to-date. However, a machine is unable to defend itself against human error. These bad actors use humans to go against their better judgment and defy common sense. There are several manipulative tactics such as shoulder surfing, dumpster diving, piggybacking, and phishing. Here are the common tasks to protect against social engineering:

    • Properly train all users by identifying phishing emails, creating strong passwords, and understanding malicious tactics such as phishing

    • Monitor security logs.

    • Assist a compliance team with password policies.

    • Monitor physical security.

    • Provide password management.

    • Provide user training assessments/reports to management.

    Phishing

    Phishing is a malicious tactic used when an attacker poses as a trusted person or organization to trick the victim into sharing sensitive information or sending money. Here are several tips to prevent phishing:

    • Always check the sender’s email address, phone number, and address are legitimate

    • Hover the link address and make sure it is a secured site

    • Send a phish alert or notification to the IT department for a review

    • If you know the sender, reach out to the sender by phone or meet in-person

    • Ask within the department if they received the same email

    • Never respond to urgent emails asking for sensitive information such as credit card information, social security numbers, and medical record information

    Defend Against Social Engineering

    The best defense is to know and always remember cybersecurity awareness! Here are several tips:

    • Do not reveal information

    • Verify caller identity

    • Social media awareness

    • Email training

    • Web browser training

    • Strong passwords

    • Password policies

    • Protect PII

    • Physical security

  • The importance of email security is to protect email accounts and communications against phishing attacks, spam, spoofing, and the spread of malware. Email is the main component of communication because it is quick and easy. Bad actors can easily impersonate a sender or manipulate the email content in the form of body copy, attachments, URL addresses, or a sender’s email address. Here are common tasks to provide email security:

    • Spam filters will allow users to whitelist or blocklist senders, release or delete spam emails, etc.

    • Email encryption, which will disguise the content of email messages in order to protect sensitive information from being read by anyone other than the intended recipients.

    • Multi-factor authentications (MFA) will add an extra layer of security to logging into email accounts.

    • Anti-virus protection will help remove any potential malware from phishing, spoofing, etc.

    • Secure Email Gateway (SEG) will help monitor emails being sent and received, and it will help protect against zero-day attacks, spam, malware, etc.

    • Train all users on how to identify and avoid malicious attempts from bad actors.

  • The importance of overall user training is to help users understand proper cyber hygiene and security risks associated with their actions. Also, it is important for users to identify cyberattacks they may encounter. Human error is one of the most critical cybersecurity breaches. Here are the most common human errors:

    • Granting incorrect access

    • Uploading wrong files

    • Sending unencrypted sensitive information

    • Sharing passwords

    • Neglecting updates

    • Mishandling information

    • Abusing privileges

    • Using a work email address as personal

    • Losing devices (or stolen devices)

    • Improperly disposing of files

    Users who aren’t aware of cybersecurity obligations are prone to ignore relevant policies and procedures. This will likely affect the organization’s assets, reputation, and clients’ trust. Here are the common topics covered in training:

    • Recognize and deal with potential phishing emails.

    • Create strong passwords and avoid using personal passwords.

    • Protect sensitive information of customers, clients, etc.

    • Understand compliance such as PCI, HIPAA, etc.

    • Recognize threats that may come from inside the organization.

    • Recognize attackers who may impersonate managers or executives to defraud the organization.