Cybersecurity for Small Businesses Part 1

Cybersecurity is the branch of Information Technology that deals with minimizing cyber risk by increasing the protection of a business or organization. The actors that play a role in cybersecurity are:

  • Users: are users of a business educated about the potential risks involved in a network breach?
  • Systems: how are the devices used in a business network protected against malicious activity?
  • Data: what data does the company use and store that could lure hackers into attempting blackmail after hitting the network with ransomware?
  • Surroundings: how is physical security implemented and monitored against unauthorized people?

Cyber and network security should first of all be approached holistically: the times of simply buying an antivirus are gone, and network security is a process that gets improved over time, because businesses cannot afford to lose the trust of their customers. For example, if a retailer is hit by a breach that exposed credit card numbers to hackers, the retailer can regain the trust of its consumers by becoming, for instance, a leader in adopting and enforcing new security standards.

If an employee clicks on an infected link in a malicious email, who do you think is at fault? The employee or the employer? I would say that first the employer is to blame because I have seen too many cases of businesses running with Gmail or AOL or Hotmail. You cannot run a business on an email service generally used by home users, because the security implemented for home users is not the same as the security features present in a business email service. Secondly, weak email security is the first point of entry into a network for spammers and hackers, who constantly scan networks in search of vulnerabilities to exploit. Furthermore, an employer who has taken the first steps towards securing the business email should also have the IT team train users on how to avoid phishing, spam and spoofing attacks. For example, business email providers such as Microsoft and Google Workspace have specific sections of their admin portal devoted to impersonation, which is one of the most successful attacks conducted by hackers.

Learn how to recognize spoofed emails by simply hovering your mouse over the link: you will realize that the message you have just received is not really coming from the organization you believed had sent it.

Securing a network also means establishing policies to authorize users and granting access only to those authorized users. For example, employees are not the only ones who access the network on a daily basis: vendors and contractors access systems too, in different ways. It’s up to the IT department to determine the level of trust given to external entities that do business within the main network.

At the internal level, users should only have standard computer accounts and should all have multi-factor authentication and PIN numbers enabled for all the software that they use on a daily basis.

A good move is to segment the network: for example, if the main network has the IP range 192.168.1.1 to 192.168.1.254, then with a firewall or a network switch that supports VLANs the IT people can isolate the main network and put more sensitive devices on another network with different octets, such as 192.168.34.1 to 192.168.34.254. This way, an intruder who gets into one network cannot get into the other, because the two networks are separate and isolated from each other.

Consider also how mobile devices access the business network: if a BYOD device accesses the office network via Wi-Fi, it is recommended to give that device access to a network that has already been segmented, as discussed above. In addition, Mobile Device Management (MDM) is the part of IT security that deals with securing iPhones, Android phones, iPads and tablets. MDM and a VPN should be the way to go to secure a mobile device that connects to the business network.

Back to the devices that are enabled in the network: the IT department should regularly keep the operating systems and the third-party software up to date. For example, if you run Windows 10 or Windows 11 updates, you should also run Microsoft Office updates. Enabling automatic updates whenever possible will free the help desk to work on more intensive security tasks.

A further step towards reducing risk is the removal of unsupported hardware and software. If there are still machines running Windows 7, consider upgrading them to the current operating system; if you still need to keep an old machine in your network, put it in a segmented network so that its vulnerabilities will not reach the newer devices on the rest of the network.