Defend Your Time: 10 Steps to Improve Your Security Posture in 60 Days

In this episode, Asael Baez, an IT security leader for an enterprise manufacturing organization, shares his top recommended steps to improve your organization’s security posture.

One of the first steps Asael recommends is to use the Cyber Security Evaluation Tool (CSET) provided by CISA. This self-assessment tool helps identify gaps in your security posture and provides a roadmap for improvement.

Ten Steps to Enhance Your Security

  1. Set up Alerts: Ensure that critical alerts, such as device or account compromises, are sent not only via email but also as text messages. This enables prompt action and minimizes the risk of missing important alerts.
  2. Phishing Email Response: Set up alerts for reported phishing emails to ensure they are addressed within minutes. This proactive approach helps mitigate threats quickly.
  3. Geographical Email Blocking: Block emails from countries with which your company does not do business, especially those known for cyber threats. This reduces the risk of receiving malicious emails.
  4. Impersonation Protection: Enable impersonation protection to prevent threat actors from impersonating high-level employees. This feature is available in Microsoft Defender and helps block such attempts.
  5. Priority Protection for High-Value Accounts: Use priority protection for high-level executives and frequently targeted accounts. This adds an extra layer of security through advanced AI and machine learning.
  6. Cybersecurity Awareness Training: Conduct regular phishing simulations and follow up with employees who fail these tests. Continuous training helps build a security-aware culture within the organization.
  7. Vulnerability Patch Management: Implement a robust patch management program to identify and address vulnerabilities promptly. Regularly scan your environment and prioritize critical patches.
  8. 24/7 Monitoring: Ensure your environment is monitored 24/7. Partnering with a managed security service provider can help address threats even when your team is not available.
  9. Automated Isolation and Investigation: Shift from investigating first to isolating first for high-severity alerts. Use automation to isolate devices immediately and then investigate to prevent the spread of threats.
  10. Be Prepared for Emergencies: Always be ready to respond to incidents, even when traveling. Ensure you have access to necessary tools and connectivity to address any security issues promptly.