Cyber defense is all about the offense

The Key to Cyber Security Lies in Preparation and Prevention

 By Kayla Elliott, PR & Marketing Manager, PC Matic Pro

Best practices.  Every organization has them, right?  What employees should be doing, in regard to topic X, Y,  and  Z.  But do they exist for cybersecurity?   Can they be found in the employee handbook? One would assume so since in almost every organization, every employee has access to some form of technology – computers, servers, routers, Internet of Things (iot) devices, or perhaps even those who bring their own devices (BYOD). With the increased importance placed on technology in normal business practices, it is critical employees understand best practices to maintain cybersecurity.

Best  practices for  cybersecurity      

There are five major best practices every organization should be implemented to ensure their data and devices remain secure.

  • Keep all third-party applications and device operating systems (OS) updated
  • Implement a default-deny approach, also known as application whitelisting
  • Cybersecurity training for all staff
  • Conduct IT administration audits
  • Ensure proper backup procedures

Seems easy enough, right? Next, we’re going to take a deeper dive into each of these best practices, and how organizations can implement them for advanced cybersecurity.

Updates galore        

If updating systems and programs went off flawlessly, there is no doubt organizations would be installing these updates in a timely manner. The fact is, installing updates May lead to additional issues for users. Therefore, testing is required before these updates are initiated. Unfortunately, this testing may be time-consuming, and/or fall on the backburner if other IT needs to take priority.

Companies are encouraged to have a designated IT staff member in charge of application and OS updates. Rolling out an entirely new OS  will take time and significant testing. Updating your current antivirus shouldn’t take long at all.  However,  both should be tested to ensure there are no negative repercussions as a result. Now, what if you only have one IT staff member? They likely don’t have time to conduct the testing or roll out the updates, but simply not doing it is not an option.  These businesses should be looking into managed services options to assist with updating and patching their systems.

Application whitelisting   

Implementing an application whitelist approach will only allow known trusted programs to execute on the server or endpoint the whitelist is installed on. Fortunately, there are antivirus programs that integrate this approach into their malware detection. Although completely changing your security approach may be intimidating, the rate of malware infections, including ransomware attacks significantly drops with the use of an application whitelisting agent. Businesses are encouraged to find a security program that will not only help with the installation and initial deployment but also maintain support. Not every solution has this, so be sure to ask questions

Staff  cybersecurity training     

Human error is one of the biggest cybersecurity risks organizations are facing.  It is also something that is, to a certain extent, completely unmanageable. People are not machines we can train to only click on certain things, or only visit certain pages. Understandably, the IT department can put certain restrictions on websites employees can visit and what networks they have access to. However, they cannot control what emails they open, or what attachments they download. This is why training is so important.

Users need to understand what the current threat landscape is, and what red flags they need to look out for to prevent falling victim.  This training should be across the board for all employees – especially those with daily computer access, business email accounts, and employees with administrative access rights.

IT admin audits   

Audits – ugh! No one likes them. It’s not a well-kept secret.

That being said, they can be incredibly helpful for identifying security holes and ineffective procedures, as well as optimizing various processes throughout the organization. IT administrative audits should take place every few years at a minimum, with continued procedures in place to monitor employee access rights, escalation procedures, disabling employee access post-employment, etc.

But how does this play into cybersecurity – specifically cyber attacks?  Often times, when a company experiences a malware attack, it begins with a single mouse click from an employee. Depending on that employee’s access, it may easily spread throughout the network. What if this person had access to systems they didn’t need access to, and now those systems are infected? It happens all the time. This confirms why monitoring network administrative rights are critical, primarily for disabling unnecessary rights granted.

In addition, monitoring who has remote access to the company’s systems is imperative.  As mentioned previously, the BYOD craze is in full motion.  Giving anyone and everyone the right to remotely connect to company systems through their computers or iot devices, is incredibly risky. IT administrators have no idea what, if any, security protection is on these devices. They also don’t know if they’ve already been infected. Putting controls in place to mitigate this threat is imperative.

Data backups  and  backup procedures  

Keeping timely backups of data is half the battle. Keeping those backups secure and having a procedure in place to restore any corrupted files is critical as well. Backups should take place every hour. Those backups should be stored either in the cloud, or on an external device. It is also imperative businesses have a  disaster recovery plan. This may be in case of a natural disaster, cybersecurity attack, or corrupted hardware. This disaster recovery plan, at a minimum, should include where the backups are located, how they will be accessed, and who is responsible for the restoration process.


There is no silver bullet when it comes to cybersecurity.  Instead,  there  are  pieces to  the puzzle. Those pieces include keeping systems and programs updated, enhancing security measures with the use of an application whitelisting agent, staff cybersecurity training, IT administration audits, and backup data procedures. So, the question left to answer is, how many pieces of the puzzle are you missing?

About the Author

Cyber defense is all about the offenseKayla Elliott is the PR & Marketing Manager for PC Pitstop, the makers of PC Matic Pro.Kayla has over five years of marketing experience and has worked in the cyber security industry for approximately three years.Kayla can be reached online at [email protected]  or via LinkedIn at elliott-1b424149/.

April 12, 2019

cyber defense awardsWe are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.
Cyber Defense Awards

12th Anniversary Top InfoSec Innovator & Black Unicorn Awards for 2024 are now Open! Finalists Notified Before BlackHat USA 2024...