Firewalls and anti-virus entered the scene in the late 1980s. They have evolved over the last 30-40 years but much has changed since the days of Parachute Pants and the floppy disk, modern cyber-attacks are on a whole other level than the basic threats that firewalls and anti-virus were designed to prevent. I’m not saying there isn’t a place for them, they are still a must-have, but today these technologies need to be regarded as nothing more than the absolute bare minimum in cybersecurity.
Think of them like the safety features of the 1985 Oldsmobile Cutlass Supreme coup from the same era. It came with limited crumple zones, a padded dashboard to soften the blow to your head, and three-point seatbelts for front passengers (rear passengers made do with lap belts and face-planting it into the front seat).
Crumple zones and seat belts were definitely great ideas, they are still relevant today and save many lives every year. They are a must-have safety feature, but these days so are things like front and rear disc brakes, ABS, airbags, child seats, electronic stability control, and rear-view cameras. Just like the drivers of that Cutlass Supreme, when IT infrastructure is t-boned with a Ransomware attack, everyone wishes they had more than a padded dashboard to protect them.
Sadly, lots of organizations still believe that basic protection is all they need and face dire consequences when they are proven to be ineffective against the latest cyber-attacks. Here are three technologies that should be considered standard safety equipment for all IT environments in 2023.
There’s no earth-shattering news here, we all maintain backups of our important data… right? Of course we do, everyone knows they can be a lifesaver in the event of a hardware or software failure, or malicious attack. Unfortunately, what many fail to do is test their backups to make sure the data is available when it is needed. Between a quarter and one-third of companies, only find out that their backups have not been working properly when they need to recover data, and failure rates for backups are alarmingly high. The current rule of thumb for backups is to apply what is called a 3-2-1-1-0 backup strategy: have three copies of your data (the production and two backups) using two different types of media, keeping one copy offsite and one offline, and testing your backups on a regular basis to make sure there are zero errors.
Weak or stolen passwords are one of the most common causes of a breach, and Phishing is one of the most common cyber-attacks because it is easy to perpetrate and very effective. Multi-factor authentication helps protect against both of these threats by making it much harder for hackers to guess or steal authentication credentials or gain access to a user’s account. Almost every service supports multifactor authentication these days and secure apps like Google Authenticator and the Microsoft Authenticator app are free so there’s no reason to leave user accounts vulnerable to these simple and effective attacks.
Managed Detection and Response
Managed Detection and Response (MDR) combines continuous monitoring and threat detection with rapid response services. Designed to help organizations quickly identify, investigate and respond to cyber threats, MDR services use advanced analytics and automated tools as well as trained cybersecurity experts to detect and respond to malicious activity in real-time. MDR is able to prevent sophisticated modern day cyber-attacks, and just as importantly, helps organizations identify and respond to incidents quickly and effectively, reducing the time to resolution and minimizing the impact of a security breach. This approach can be especially helpful to smaller organizations or businesses that don’t have in-house cybersecurity expertise.
There’s a lot more that needs to be considered when building out a cybersecurity strategy but these three technologies are a great place to start and are our top picks for 2023.