Darkreading reported “some organizations refuse to buy cyber insurance out of the misguided notion that they don’t “need” to worry about being hacked, this mindset isn’t entirely at fault….many enterprises have been left high and dry by cyber-insurance policies that didn’t fully protect them after a major cyber attack.” The August 21, 2017 article entitled “The Pitfalls of Cyber Insurance” included these 10 strategies to protect all business from cyber criminals:

  1. Keep all software and operating systems updated (remember, WannaCry and NotPetya both attacked older versions of Windows)
  2. Run robust, up-to-date antivirus software
  3. Maintain compliance with industry and regulatory standards like HIPAA and PCI-DSS
  4. Continually monitor networks for suspicious activity, 24 hours a day, 365 days a year
  5. Have in-house and/or remote security staff on hand at all times to respond to anomalies and attacks
  6. Have a comprehensive, written cybersecurity policy that is regularly reviewed and updated
  7. Train all employees on cybersecurity best practices, such as how to spot phishing emails
  8. Control physical access to sensitive areas on its premises, such as server rooms
  9. Utilize other controls, such as firewalls, network segmentation, and encryption as appropriate
  10. Perform regular backups so that systems can be restored in the event of a ransomware attack, or even a natural disaster like a fire or flood

What will you to help help avoid cyber disasters?