Developing a Security Stack

As the digital landscape continues to evolve and grow more complex, so does the need for cybersecurity. Protecting your company’s data should be a top priority, as the average data breach costs around $4 million. Most companies don’t have that kind of money on hand.

So how does one go about protecting their data, their employees and their network? Through comprehensive cybersecurity and a strong tech stack.

The National Institute of Standards and Technology (NIST) at the U.S. Department of Commerce breaks cybersecurity into five parts: identify, protect, monitor, respond and recover. Applying processes and solutions to these key concepts can help any business, large or small, build a comprehensive security stack.

  1. Identify

To know what should be kept out of your network, you need to have a comprehensive list of users and devices within it, along with what kind of data access they have. All users should use strong passwords with multi-factor authentication (MFA) to provide stronger protection. Since most businesses have multiple apps, databases and programs that require logins, consider using single sign-on (SSO) technology. This type of technology consolidates multiple logins through a single secure channel, allowing users to access multiple resources without signing into each individually.

  2. Protect

The protection component covers what most people would think of when it comes to security. This includes preventative programs such as firewalls, antivirus, spam filtering, network encryption, etc. Digital ecosystems are vast and complex, and each component requires its own set of protections.

  3. Monitor

Cybercrime is constantly changing, finding new ways to exploit security weaknesses and extract data from authorized users. Preventative measures are not enough; your security stack must be proactive, with 24/7 monitoring that stays alert for suspicious activity. Establish a security operations center (SOC) that can help detect, prevent and respond to security breaches as well as run day-to-day tasks like executing anti-phishing tactics 24/7.

  4. Respond

It is better to operate under the assumption of “when” there is a data breach rather than “if.” Think of it as a fire drill for your network. You hope it never catches fire, but you need to know what to do in case it does.

Have comprehensive processes in place for what to do in the event of a security failure. These should include next steps, who to report the breach to, how to communicate the issue with your employees and customers, and measures to take to protect the rest of your network until the issues have been dealt with.

  5. Recover

Data backup and recovery is another part of security you hope you never need but would be doomed without. It’s imperative that you always keep up-to-date backups of all your critical data in secure storage, be that through a service or a dedicated backup server. These assets will be crucial in helping you resume normal operations after an attack while losing as little data as possible.

Going Beyond NIST Standards: The Human Layer

Another less technical element of cybersecurity is known as “the human layer,” in other words, your employees. According to Verizon’s Data Breach Investigations Report (DBIR), 85% of data breaches involve a human element.

If your employees aren’t educated about basic security precautions, you’re just one lousy email link away from possibly millions in damages. Running routine security exercises, like intentionally sending fake phishing emails, is an excellent way to teach employees the bare bones of email security and understand which employees are following your data security protocols. Requiring consistent password updates and holding security briefings on the latest scams and tactics are good methods for keeping employees informed without overwhelming them with technical nuance.

Stay Vigilant

Technology is constantly changing and evolving. From a security perspective, every new device and software update brings the risk of new ways for criminals to break in and access things they shouldn’t. This means that cybersecurity, and by extension your security stack, should never stay static. It is vital that you stay updated and stay vigilant.