9. Continuously monitor in real-time the security of your organization’s infrastructure
10. Deploy web application firewalls
11. Permit only authorized wireless devices to connect to your network
12. Implement Always On Secure Socket Layer (AOSSL) for all servers requiring log on authentication and data collection.
13. Review server certificates for vulnerabilities
14. Ensure all updates and patches verified/signed coming from a trusted source.
15. Back up key data to offline storage.
16. Develop, test and continually refine a data breach response plan.
17. Establish and manage a vulnerability / threat intelligence reporting program.
18. Complete an inventory of all IoT (Internet of Things) devices
19. Benchmark your company’s security posture with third-party assessments.
20. Bake DDoS protection into your business incident response plan.…show more content… To enter a normally closed space, the intruder can simply check if the door is not open and in the negative wait for a person to enter or exit to hold the door and slip inside.
A locked door with a motion sensor can be opened by an electronic cigarette by throwing projected smoke under the sensor blade. Some liquids can also open it.
Another tactic is to present yourself as a member of the IT department come to update. No need for password, the post is already open. This attack worked on bank desks of an agency.
2. Social engineering
This method consists of identifying employees on social networks, collecting information about them that will be exploited in emails to encourage them to click on a malicious link or download a document containing malware. Hackers build attacks based on information that people share on LinkedIn, Facebook, or Twitter. It is enough for a single employee to succumb to the temptation for the cybersecurity of the company to be
