How can businesses improve their cybersecurity preparedness? Digital Journal has heard from the cybersecurity expert JP Perez-Etchegoyen, Chief Technology Officer at Onapsis ahead of October’s Cybersecurity Awareness Month. This is a U.S.-centric series of events organised by Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA).
These events are aimed at both individuals and businesses and are designed to promote best cybersecurity practices.
Such practices include using strong passwords and a password manager. Here, strong passwords are critical to protecting data. In addition, technology users should be encouraged to turn on multifactor authentication.
Perez-Etchegoyen focuses on the importance of companies reassessing their preparedness for a cyberattack. Here he states: “This year’s Cybersecurity Awareness Month serves as a timely opportunity for companies to reassess their cybersecurity practices. The significance of cybersecurity has grown even more pronounced in the face of ransomware and supply chain attacks that have affected organizations of all sizes and sectors. Just considering the number of cyberattacks, research indicates a 38 percent increase from 2021 to 2022.”
Not only do businesses need the right technologies they need to be able to harness these at the right time. Perez-Etchegoyen says: “The ability to ensure business continuity and safeguard brand reputation now hinges on an organization’s capacity to enhance the availability of business operations, of which a critical part are its business applications, while also embracing innovation and integrating security and compliance into their operations.”
It is also necessary to target the most important areas of the business. In terms of key areas, Perez-Etchegoyen considers: “Special emphasis must be placed on safeguarding critical web applications since cybercriminals continually identify and exploit vulnerabilities in this area. Such vulnerabilities not only risk data exposure and theft but can also result in complete system downtime until necessary updates are deployed. This system downtime, when it comes to business critical applications, equates to business disruption, potentially resulting in millions of dollars in losses.”
Considering the focal points for the 2023 cybersecurity event, Perez-Etchegoyen draws on: “With the theme “it’s easy to stay safe online” in mind, enterprises must evaluate all elements within their IT landscape to detect any potential cyber threats. This includes identifying unpatched systems, addressing permissive access controls, securing integrations, and rectifying any misconfigurations.”
Returning to the theme of timeliness the expert empathises: “Prompt action is vital to shield mission-critical applications and the overall business from sophisticated cybercriminals. Organizations should also incorporate a robust business application security program into their cybersecurity strategy, ensuring complete visibility into applications for high-priority patching, vulnerability assessments, and security protection.”