Cyberattacks on businesses increase by around 30% during holidays and stay elevated through year-end and into the new year. This is due to multiple factors, such as businesses slowing down, fewer staff on hand, and more distracted workers. So, in today’s blog, we’re sharing a practical holiday and year-end cybersecurity checklist businesses can use to reduce the risk of phishing scams, ransomware attacks, and other common cyber threats.
1. Avoiding Phishing Scams
One of the most common and successful attack methods during the holidays is phishing, making it a logical place to start for our cybersecurity checklist. Phishing attempts have risen by as much as 400% during the holiday and year-end period. There were an estimated 8 million phishing attacks every day during the 2021 holiday season.
Businesses can avoid phishing scams by:
- Not clicking on suspicious links
- Double-checking the sender
- Not responding to messages with urgent or threatening language
- Ignoring offers that are too good to be true
Having regular cybersecurity awareness training sessions with your team or implementing some form of email monitoring will drastically reduce your chances of being compromised by phishing scams this holiday and year-end period.
2. Lock Down Logins with MFA
Even with phishing defenses in place, stolen credentials are still a major risk, which is why securing logins is next on our cybersecurity checklist.
We strongly encourage businesses and individuals to use multi-factor authentication (MFA) for every account. In one survey, almost two-thirds of small businesses were not using MFA and didn’t plan to implement it in the future. This is shocking since MFA is very easy to implement and Microsoft says it helps prevent 99.9% of attacks.
MFA is like another layer of defense for your account. If an attacker somehow gets your login credentials, they cannot access your account without that MFA code.
Enforcing stronger MFA for all users is a quick and effective way to stay secure, which is why it makes our cybersecurity checklist.

3. Tighten Admin Access
Once accounts are protected, the next step in our cybersecurity checklist is to limit how much damage an attacker can do if access is gained.
An estimated 76% of organizations do not have full visibility into their access policies. This includes understanding which policies exist, where applications are deployed, and who does and does not have access. Organizations that have no visibility into who has access to what data make it easy for an insider threat attack to occur.
To tighten admin access, your business should:
- Review who has admin rights, and remove them from anyone who doesn’t truly need them
- Disable stale accounts, such as ex-employees and old vendors
- Limit vendor access to only required systems
- Use least privilege for shared folders and financial systems
These steps alone can limit the severity of an attack if an account were to be compromised.
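The review steps above can be run as a repeatable check over an account export. This is an added example, not part of the original post: the CSV columns, the 90-day stale cut-off, the approved-admin list and the vendor allow-list are all assumptions, and the sample rows are constructed.

```python
import csv
import io
from datetime import date

STALE_AFTER_DAYS = 90  # assumed cut-off; the checklist does not name one
ADMIN_APPROVED = {"alice", "svc-backup"}   # assumed list of approved admins
VENDOR_ALLOWED = {"acme-hvac": {"hvac"}}   # assumed systems each vendor needs

# Constructed export; the column names are hypothetical, not from any product.
ACCOUNTS_CSV = """\
user,type,is_admin,status,last_login,systems
alice,employee,yes,active,2024-12-10,email;finance
bob,employee,yes,terminated,2024-06-01,email;finance
svc-backup,service,yes,active,2024-12-15,backup
acme-hvac,vendor,no,active,2024-03-02,hvac;finance
carol,employee,no,active,2024-12-12,email
"""

def audit(csv_text, today):
    """Return (user, action) pairs for accounts that need attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        user = row["user"]
        idle_days = (today - date.fromisoformat(row["last_login"])).days
        # Stale: marked as departed, or no login within the cut-off.
        if row["status"] != "active" or idle_days > STALE_AFTER_DAYS:
            findings.append((user, "disable stale account"))
        # Admin rights held by someone not on the approved list.
        if row["is_admin"] == "yes" and user not in ADMIN_APPROVED:
            findings.append((user, "remove admin rights"))
        # Vendor reaching systems beyond what was agreed (unknown vendors get nothing).
        if row["type"] == "vendor":
            extra = set(row["systems"].split(";")) - VENDOR_ALLOWED.get(user, set())
            if extra:
                findings.append((user, "limit vendor access: " + ",".join(sorted(extra))))
    return findings

if __name__ == "__main__":
    for user, action in audit(ACCOUNTS_CSV, date(2024, 12, 20)):
        print(f"{user}: {action}")
```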
4. Verify and Test Data Backups
While preventative controls reduce risk, backups determine how well a business can recover in the event of a cyberattack. Because of their importance, backups are a critical part of any cybersecurity checklist.
Having backups is one thing, but verifying and testing data backups is one of the most important steps you can take for your business. Backups are a safety net in case of cyberattacks such as ransomware attacks or even a natural disaster.
One study found that nearly 60% of data backups for small and medium-sized organizations fail when they are needed most. Backup failures can be caused by unreliable hardware, human error, cyberattacks, and failure to test and monitor backups. To ensure your backups are available when you need them, follow these steps:
- Confirm backups ran successfully within the last 24 to 72 hours
- Test at least one restore
- Make sure backup credentials are separate from normal admin credentials
Testing your backups is the difference between “we think we’re safe” and “we know we can recover.”
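An added example (not from the original post) of the first two steps: it checks that the newest archive is no older than the 72-hour end of the window, then restores it into a scratch directory and compares every file against SHA-256 hashes recorded at backup time. The tar archive, manifest format and function names are assumptions standing in for whatever backup tool is in use, and the sample files are constructed.

```python
import hashlib, tarfile, tempfile, time
from pathlib import Path

MAX_AGE_HOURS = 72  # upper end of the checklist's 24 to 72 hour window

def is_fresh(archive, now, max_age_hours=MAX_AGE_HOURS):
    return now - archive.stat().st_mtime <= max_age_hours * 3600

def make_backup(src, archive):
    """Stand-in for the real backup job: tar the tree, record a SHA-256 per file."""
    manifest = {}
    with tarfile.open(archive, "w:gz") as tar:
        for f in sorted(p for p in src.rglob("*") if p.is_file()):
            rel = f.relative_to(src).as_posix()
            manifest[rel] = hashlib.sha256(f.read_bytes()).hexdigest()
            tar.add(f, arcname=rel)
    return manifest

def restore_and_verify(archive, manifest):
    """Restore into a scratch directory; return the problems found (empty = good)."""
    problems = []
    with tempfile.TemporaryDirectory() as scratch, tarfile.open(archive) as tar:
        root = Path(scratch).resolve()
        for m in tar.getmembers():
            target = (root / m.name).resolve()
            if m.isfile() and root in target.parents:  # regular files, inside scratch only
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(tar.extractfile(m).read())
        for rel, digest in manifest.items():
            f = root / rel
            if not f.is_file() or hashlib.sha256(f.read_bytes()).hexdigest() != digest:
                problems.append(f"missing or altered after restore: {rel}")
    return problems

def demo():
    """Run both checks on constructed sample data (not real business files)."""
    with tempfile.TemporaryDirectory() as work:
        src, archive = Path(work, "data"), Path(work, "backup.tar.gz")
        (src / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_text("id,amount\n1,100\n")
        manifest = make_backup(src, archive)
        result = {"fresh_now": is_fresh(archive, time.time()),
                  "fresh_after_96h": is_fresh(archive, time.time() + 96 * 3600),
                  "clean_restore": restore_and_verify(archive, manifest)}
        manifest["finance/payroll.csv"] = "0" * 64  # a file the job silently skipped
        result["incomplete_restore"] = restore_and_verify(archive, manifest)
    return result

if __name__ == "__main__":
    print(demo())
```

A job can report success and still leave a file out; only the restore comparison surfaces that, which is why the freshness check alone is not enough.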
5. Create a Holiday Incident Response Plan
Recovery is faster and less costly when those in your organization are informed and have a plan, which makes an incident response plan essential for any cybersecurity checklist.
The holiday season and weekends are the times of year when businesses are most often targeted. For your cybersecurity checklist, creating a simple incident response plan can greatly reduce the risk of damage from phishing scams or ransomware attacks.
When creating your incident response plan, make sure it:
- Names who is part of the incident response team. It can include members from IT, legal, and executive leadership.
- Identifies which assets are critical and the potential threats the organization may face.
- Includes procedures to detect, contain, eradicate, and recover from a cybersecurity incident.
- Establishes communication protocols that explain how information will be shared internally and externally.
- Is continually tested and updated with regular drills and simulations to confirm the plan and procedures are effective.
Even a simple plan like this can significantly reduce downtime when included as part of a broader cybersecurity checklist. For a more in-depth guide on creating an incident response plan, check out this blog here.
6. Implementing Endpoint Detection and Response
Lastly, continuous monitoring is needed to detect threats that may slip past layers in your security. That is why we chose endpoint detection and response to round out the final tip in our cybersecurity checklist.
An endpoint is anything connected to the internet. It can be a desktop, printer, or a server.
Endpoint detection and response (EDR) is a technology that continuously monitors endpoints for evidence of threats and performs actions to mitigate them. Because threats are outpacing traditional antivirus, technology such as EDR is needed to reduce the chance of a phishing scam or ransomware attack succeeding.
Some of the main benefits offered by EDR are:
- Superior threat detection: EDR is capable of spotting advanced cyberattacks that a traditional antivirus would miss.
- Real-time response: The ability of EDR to continuously scan for threats makes it a superior tool for threat hunting and investigation.
- Cost-effectiveness: The money businesses save by using EDR to prevent breaches, downtime, and fines helps pay for the technology itself and more.
- Compliance: Tools like EDR help ensure compliance to meet specific industry regulations such as GDPR, HIPAA, or PCI-DSS.
EDR is a must-have for any organization, but especially during times when more people are out of the office and cyberattacks are increasing in frequency.

Holiday Coverage Is Thin. Our Cybersecurity Checklist Keeps You Protected
If you want confidence that your business can withstand phishing scams and ransomware attacks during the holiday season, we at Kirkham IronTech can help you implement this cybersecurity checklist quickly and correctly.
We help businesses stay secure by providing:
- Managed Cybersecurity Services: 24/7 protection that detects and responds to threats fast.
- Managed IT Services: Day-to-day IT handled for you, with monitoring and support built in.
- Help Desk Support: Your team gets quick answers if something breaks, freezes, or won’t connect.
- Co-Managed Services: Extra support for your internal IT team, so you are covered during busy seasons, vacations, and after-hours.
- Strategic IT & Cybersecurity Planning: Executive-level planning that aligns technology with your business goals.
Contact Kirkham IronTech today, and we’ll take IT and cybersecurity off your plate so you can stay focused on running your business during the holidays and beyond.
Tom Kirkham brings more than three decades of software design, network administration, and cybersecurity knowledge to organizations around the country. During his career, Tom has received multiple software design awards and founded other acclaimed technology businesses.

