We all know that there are certain tasks we do every day to take care of our bodies. Handwashing to prevent disease is at the forefront of our minds due to the current COVID-19 pandemic, but there are many other practices we undertake to stay healthy. Hygiene isn’t just for our bodies; by taking care of some basic security tasks, we can help our networks and organizations stay secure against cyber threats.
These cyber hygiene habits are essential for any business in the 21st century, but for some industries, they may also be required by compliance regulations. The upcoming Cybersecurity Maturity Model Certification (CMMC) regulations for defense contractors and suppliers require some basic cybersecurity hygiene at even the lowest levels of the model. Here are just a few practices to stay cyber-healthy:
When a software vendor discovers a vulnerability, they put out a patch to resolve it. Just like you’d put a bandage on a cut to keep the wound from becoming infected, ensuring that any software you use has the latest patches can help keep bad actors from infiltrating your system. 2017’s NotPetya attack, which was the most costly cyber attack in history, is a classic example of malware taking advantage of unpatched systems to wreak havoc. If you receive notice from a piece of software you use that a patch is available, be sure to install it as soon as possible.
Scheduling regular scans of the individual machines on your network using reputable antivirus software is a good way to nip threats in the bud. Think of it like getting a checkup, just more often. Be sure to keep your antivirus software updated!
Email is still the number one way hackers and other bad actors gain entry to systems. Cyber criminals use social engineering to con people into clicking a malicious link or downloading a malware-ridden attachment, which can lead to a broader attack of your network. These messages can come via social networking, too—make sure your team has training on how to recognize social engineering and phishing tactics. And hey, don’t click that link or download that attachment. You don’t know where it’s been.
Periodically, take a close look at the machines and software on your network. Is everything still necessary? Does any hardware need to be replaced? Is any software outdated or end of life? Taking regular, hard looks at all the components of your network, both software and hardware, will help you stay on top of vulnerabilities.
Seriously. We’re still in a pandemic, you know.
The new CMMC regulations will affect both defense primes and subcontractors, even at the lowest levels. The CMMC Academy, powered by Celerium, can help you prepare. Register for the academy today!