The holidays will soon be here. So, too, will legions of cyberattackers—targeting your customer and business information. While no company is immune from the damage these attackers cause, we’ve found that the simple proactive measures below are helpful in thwarting cyber threats. We’ve incorporated them into our company’s overall cybersecurity program and urge you to do the same.
- PATCH ALL HOLES
Make a list of common cyber exploitation tactics, techniques and procedures (TTPs) consistently and successfully leveraged by cybercriminals in the past year. Match them to your known vulnerabilities and ensure that they’re addressed. Also make sure recommended vendor patches are implemented and integrated successfully.
- AUTHENTICATE, AUTHENTICATE, AUTHENTICATE
Cybercriminals have successfully exploited databases and payment processing systems with remote access tools. The most common approach is to steal VPN credentials of users with privileged access and leverage them to log in to the network. Implement multifactor authentication on remote access devices and users, including third-party vendors with remote network acces, so that users are forced to periodically change their login credentials.
- SAY “NO” TO MALICIOUS LINKS
Spear phishing—including malicious links in emails that appear to be from familiar people or businesses—accounts for a large percentage of major cyberattacks. Deploying intelligent gateway solutions that analyze content in real time can help stop these malevolent URLs from reachingyour users’ inboxes. For more security, consider adding a solution that checks the safety of an emailed link when a user clicks on it. Finally, make sure all employees know how to recognize spear phishing attacks.
- STOP ATTACKERS IN THEIR TRACKS
Sophisticated cyberattackers spend time exploring your company’s network, identifying where customer data is stored and how it’s transmitted internally before being encrypted for external transfer. Review your network environment and make sure all firewalls, intrusion detection systems, remote access and antivirus logging are enabled.
- PRACTICE, PRACTICE, PRACTICE
Develop a detailed 24/7 cybersecurity response and communication plan. Make sure the key members of your cyber intelligence, threat analysis, fraud and investigation teams practice responding to cyber incident scenarios. Remember, there’s no such thing as too much practice.
Teamwork is important. Always remember, you are fighting with attackers who are well networked. Your cybersecurity depends on the strength of the weakest part of a network. So, it’s critical that you work together to build up your cybersecurity systems.
For more information or to connect with an expert, contact us at firstname.lastname@example.org.
Synchrony Financial has over 80 years of retail heritage. Synchrony Connect is a value-added program that lets Synchrony Financial partners tap into our expertise in areas beyond credit. It offers knowledge and tools that can help you grow, lead and operate your business.
This content is subject to change without notice and offered for informational use only. You are urged to consult with your individual business, financial, legal, tax and/or other advisors with respect to any information presented. Synchrony Financial and any of its affiliates (collectively, “Synchrony”) make no representations or warranties regarding this content and accept no liability for any loss or harm arising from the use of the information provided. Your receipt of this material constitutes your acceptance of these terms and conditions.
© 2015 Synchrony Financial. All rights reserved. No reuse without prior written consent from Synchrony Financial.