2019 has been a record breaking year for data breaches and exposed records. As we end 2019 and look forward to 2020, it is vital that your company creates a comprehensive plan to help protect the integrity of your data. If there is anything 2019 has taught us thus far, it is that breaches can happen to any company large or small.
There were 5,183 data breaches reported with 7.9 billion records exposed in just the first nine months of this year, according to Risk Based Security, which tracks publicly reported breaches. That’s an increase of 33.3% in breaches and 112% in total records over the same period in 2018.
Many of the same threats that were prevalent in 2019 are expected to remain a concern in 2020. Below are a few suggestions to begin your organizations cybersecurity planning for 2020:
Create and enforce cybersecurity policies and plans within your organization.
An important step in protecting your organizations data is to create policies and within your organization that will help keep your data protected. Sit down with your IT and/or security solution staff/provider and discuss what policies and plans you can set into place right away to protect your data.
Some recommended policies and plans include:
Password regulations that require complex passwords/passphrases and regular changing of ALL account passwords.
Multi-factor authentication (MFA) on all accounts applicable.
Use of a VPN that requires employees to access the VPN for all work related computer usage outside of the 4 walls of your organization
Turning on Advanced Threat Protection in Outlook to utilize all security tools
Create and review your organizations business continuity plan and disaster recovery plan. Make sure that your data is backed up in a secure location.
Implement a timely and effective security patch management program
Ensure your employees are properly educated on cybersecurity.
Another important step in the 2020 planning process is to establish how you will ensure that your employees are trained to avoid falling victim to phishing and other cybersecurity schemes.
Here are some training recommendations:
Include cybersecurity awareness training (here is our free certification program) in your employee on-boarding procedures.
Regularly discuss cybersecurity in company meetings and keep it top of mind for ALL employees.
Post relevant cybersecurity reminders throughout your organization digitally and printed.
Use phishing software such as Knowbe4 to regularly test and train your employees on cybersecurity and generate reports to keep track of how your organization could improve your cybersecurity awareness.
While no solution is fool proof. It is important to put forth as much effort as possible to decrease your organizations chances of a data breach. If you have any questions about how you can better prepare for 2020 reach out to us today and we can help you begin the planning process.