Why 2021 could shape and influence Cybersecurity practices in the future
It is safe to say that 2021 has in many ways been a tough year for cybersecurity. Now for the veterans who have been on the frontlines of these battles for years, you might scoff at that. Without a doubt, there have been plenty of notable cybersecurity incidents in previous years that caused considerable damage.
However, none of those incidents seemed to have the effect that this year’s attacks have. Following the cyberattack on the colonial pipeline, which directly affected a large portion of Americans in an unprecedented way, the Whitehouse released an executive order on cybersecurity. The executive order, which you can read more about here, contains a variety of new cybersecurity mandates. But there is one, in particular, that should get small businesses’ attention.
That mandate states that the federal government needs to “Modernize and Implement Stronger Cybersecurity Standards in the Federal Government. The EO helps move the Federal Government to secure cloud services and a zero-trust architecture and mandates the deployment of multifactor authentication and encryption within a specific time period.”
By and large many inside the industry including Greystone Technology believe this is welcome news and that we need stricter cybersecurity regulations.
How this affects you and what you can do about it
Now the reason why this should get your attention is that this in many ways is a preview. A foreshadowing of what future legislation around cybersecurity could look like. To start these requirements will only extend to federal organizations like the parks department. But looking towards the future it’s not very far-fetched to think these kinds of cybersecurity standards could be legally required.
Adding a wrinkle into this mess is the fact that many of these threats originate from state-sponsored hacking groups. This is something that many inside the industry have long suspected, and Microsoft went so far as directly accusing China of the exchange server hack. However, there had not been a public declaration from the U.S. government until Monday.
On Monday the United States along with a coalition of nations publically condemned China for the Microsoft Exchange Server Hack.
For a business owner worrying about geopolitics, state-sponsored hackers, and future cybersecurity legislation can be a bit much to add on top of running a business. That is why now perhaps more than ever each business needs a trusted technology partner.
Our Common-sense Cybersecurity services meet and exceed the mandate contained within the executive order. These are the core protections that we recommend for every client:
- Multi-Factor Authentication: Using a method of authentication in addition to your password when logging into key systems.
- Security Awareness Training: Automated testing and training of staff to bolster human awareness to identify security threats and phishing attempts.
- DNS filtering: Organization-wide internet filtering preventing traffic to known malicious sites.
- Advanced Endpoint Protection: Behavior-based endpoint software with 24/7 monitoring by a security team.
- Dark Web Monitoring: Consistent monitoring of compromised usernames and passwords being sold in the digital black market.
If you are not 100% confident that you have the above protections, contact us today!
