Cyber-attacks have been on the rise year-over-year, with one of the most notable recent attacks being the barrage on Costa Rica’s governmental and public health systems from April into June.
One key aspect of any good cyber protection plan is cyber insurance. However, with increases in the number and severity of recent cyber-attacks, cyber insurance is harder to purchase and more expensive. In fact, since the start of 2022, we’ve seen premiums increase as much as 150%.
Currently, many cyber insurance providers won’t even give you a quote unless you enforce multi-factor authentication (MFA) across your network. MFA is one of the best ways to reduce your risk of account compromises and data breaches by cybercriminals.
However, a secure network doesn’t begin and end with MFA or cyber insurance. You can follow several best practices long-term to keep your business’s cyberspace safe.
Prevent cybercrime by following these best practices:
Remote Desktop Protocols (RDP)
Implementing RDP safeguards can make it more difficult for criminals to access your remote business networks.
Implement Secure Sockets Layer/Transport Layer Security (SSL/TLS)
Both technologies use encryption algorithms to scramble data traveling between two systems. The data can be anything: credit card numbers, financial information, names, addresses, etc. Ultimately, SSL/TLS technology makes it much harder for hackers to read data as it travels across a connection.
Implement Anti-Distributed Denial-of-Service Mitigation (Anti-DDoS)
A DDoS is a computer attack that uses many hosts to overwhelm a server, causing a website to experience a complete system crash. This attack is often perpetrated by cyber hackers targeting large-scale, far-reaching, and popular websites to disable them — temporarily or permanently. A DDoS attack is typically accomplished by bombarding a targeted server with information requests, which disables the primary system and prevents it from operating. This leaves all other standard users unable to access the targeted website.
Implement Domain-based Message Authentication, Reporting, and Conformance (DMARC)
DMARC is the first and only widely deployed technology that makes the “from” address in an email trustworthy. Not only does it help protect your customers and brand, but it also discourages cybercriminals, who are less likely to go after a brand with a DMARC record.
Implement Sender Policy Framework (SPF)
A sender policy framework, or SPF, is an email authentication protocol that allows a domain owner to specify which email servers they use to send domain-specific emails. Any brand that sends emails must publish its SPF records in the Domain Name System (DNS). These records list which IP addresses are authorized to send emails on behalf of their domains. SPF-protected domains are less likely to attract phishers and be blocked by spam filters, ensuring that legitimate email is delivered.
For additional information on cyber security and best practices, please visit the Cybersecurity & Infrastructure Security Agency and the FBI's Cyber Tips.