Business owners should view their cybersecurity programs as two-tiered endeavors. One tier requires having the right equipment and software in place to fend off cyberthreats. The second requires having a maintenance plan in place to ensure the equipment and software are doing what they’re supposed to be doing over time.
Why might your cybersecurity equipment and software -- firewalls, intrusion detection systems (IDS), and anti-malware applications -- not continue to keep you safe over time? It’s because hackers’ schemes to get inside your defense perimeter are constantly evolving, and what was keeping you protected yesterday may not be keeping you protected today.
That’s not to say you need to reexamine your cybersecurity equipment and software on a daily basis, but they do need to be evaluated at some regular interval.
How frequently should cybersecurity be assessed?
Not every aspect of your cybersecurity program carries the same vulnerability or damage potential. For example, your data-backup software should be checked every morning to ensure it’s turned on, that files are being backed up to the correct location, and that they can be easily restored in the event of a breach. This was fortunately the case for East Hartford’s school system, and it led to a comprehensive assessment of their IT infrastructure.
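The morning backup check described above, written out as an added example that is not part of the original post: it assumes a backup job that drops tar.gz archives, each with a JSON manifest of file hashes, into one directory (a constructed stand-in, not any vendor's format), and it confirms that the newest archive is under a day old and that a test restore into scratch space matches the manifest.

```python
import hashlib
import json
import tarfile
import tempfile
import time
from pathlib import Path

MAX_AGE_SECONDS = 24 * 3600  # a morning check expects an archive from the last day


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def make_backup(source_dir: Path, backup_dir: Path) -> Path:
    """Stand-in for the nightly backup job (assumed layout): archive source_dir as
    backup-<stamp>.tar.gz plus a backup-<stamp>.json manifest of relative path -> sha256."""
    stamp = int(time.time() * 1000)
    archive = backup_dir / f"backup-{stamp}.tar.gz"
    manifest = {str(p.relative_to(source_dir)): sha256_of(p)
                for p in source_dir.rglob("*") if p.is_file()}
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(source_dir, arcname=".")
    (backup_dir / f"backup-{stamp}.json").write_text(json.dumps(manifest))
    return archive


def check_backup(backup_dir: Path, max_age: int = MAX_AGE_SECONDS) -> dict:
    """Morning check: is the newest archive fresh, and does a test restore match its manifest?"""
    report = {"archive": None, "fresh": False, "restore_ok": False, "healthy": False, "mismatched": []}
    archives = sorted(backup_dir.glob("backup-*.tar.gz"), key=lambda p: p.stat().st_mtime)
    if not archives:
        return report  # nothing at the expected location: the job is off or misconfigured
    latest = archives[-1]
    report["archive"] = latest.name
    report["fresh"] = time.time() - latest.stat().st_mtime <= max_age
    manifest = json.loads(latest.with_name(latest.name[:-len(".tar.gz")] + ".json").read_text())
    with tempfile.TemporaryDirectory() as tmp:  # restore into scratch space, never over live data
        with tarfile.open(latest) as tar:
            try:
                tar.extractall(tmp, filter="data")  # refuse absolute paths and '..' members
            except TypeError:
                tar.extractall(tmp)  # Python versions without the filter argument
        for rel, digest in manifest.items():
            restored = Path(tmp) / rel
            if not restored.is_file() or sha256_of(restored) != digest:
                report["mismatched"].append(rel)
    report["restore_ok"] = not report["mismatched"]
    report["healthy"] = report["fresh"] and report["restore_ok"]
    return report
```

A stale archive, a missing archive, and a restore that no longer matches its manifest each produce a distinct failure in the report, so the daily check can alert on the specific problem rather than a generic "backup failed".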
On the other hand, your password-strength policy and individual employees’ login credentials probably wouldn’t need to be reviewed five days per week. Rather, a company-wide email from your IT department or Managed Services Provider (MSP) reiterating the rules for usernames and passwords is sufficient on a quarterly or semi-annual basis.
Here’s a rough guideline of how frequently three of the most critical areas of your cybersecurity program should be assessed:
| Security Category | Assessment Type | Frequency |
|---|---|---|
| Network Security | Penetration testing | Annually |
| Network Security | Firewall configuration check | Quarterly |
| Anti-Malware | Anti-malware patch & licensing check | Quarterly |
| Anti-Malware | Email anti-virus & anti-spam testing | Monthly |
| Compliance | Formal regulatory standards review | Annually |
| Compliance | Data recovery & business continuity check | Quarterly |
Meeting data compliance mandates consistently
Data compliance is the one aspect of IT where you’ll really benefit from outsourcing your cybersecurity assessments. Regulations pertaining to customer information are strict, they can change at any time with scant publicity, and they are often confusing. Violations can also result in huge fines and even jail sentences.
In particular, HIPAA and Sarbanes-Oxley can place a fairly complex burden on the IT networks of healthcare and financial services organizations, respectively. But if you partner with an MSP like Charles IT, you’ll be working with specialists whose audits ensure your data’s security, privacy, and administrative handling have been properly maintained since the previous audit.
As the table above shows, the recommended time frames vary because the assessments cover a wide range of tasks of differing severity. Identifying deficiencies, updating policies and procedures, training your staff, and enacting remediation plans when breaches are discovered are all core components of compliance, and each requires a fair bit of expertise.
Maintaining cybersecurity equipment & software
Regular cybersecurity assessments should look at not only firewalls, IDS, and anti-malware applications, but anything else on your network that’s vulnerable to exploitation. This would include your Internet routers, which have been in the news in 2018 for being targets of Russian malware.
In that case, hackers perpetrated “man-in-the-middle” attacks in order to spy on network traffic, intercept data, and carry out a slew of other nasty commands. On the bright side, it’s an ordeal that illustrates how a robust cybersecurity program can help keep businesses safe.
As we mentioned, not every piece of equipment and software requires daily assessments, but some things certainly benefit from them. Data backups are one; Internet routers are another, since standard practice is to reboot them regularly to keep them operating at peak performance -- and, as it turns out, rebooting was the FBI’s recommendation for getting rid of the Russian malware.
Proactive cybersecurity measures
When cybersecurity programs include proactive routine maintenance with regular assessments, there is a far greater chance that anomalies like malicious network traffic will either be detected or eliminated outright -- even if the latter occurs without anyone’s knowledge.
Proactive cybersecurity is again on display in the state of Connecticut’s Cybersecurity Action Plan, developed by Governor Malloy’s office this year in response to a cyberattack on the networks of 12 different state agencies. It is intended to “establish annual review and assessment processes” and “give Connecticut businesses a competitive edge.”
The state seems to agree that cybersecurity assessments can help keep you safe. Get in touch for a preliminary consultation on what your business needs to stay protected against hackers’ constantly evolving threats.