Cyber 101: Managing Security in the Holiday Season

The holiday season is especially challenging from a cybersecurity perspective. While MSPs and end users have to deal with the annual spike in cyber crime, they may also have to deal with a shortage of staff members who are available to deal with any potential incidents.

So how do you manage your cybersecurity? While one might try and scramble to hire another cybersecurity professional to help with remediation, cyber professionals are expensive – and hard to come by. In North America alone, 14% of cybersecurity positions don’t have qualified people to fill them.

At SKOUT, we see these concerns pop up every year. The good news is that we and several other security vendors are aware of these problems, and we’ve come prepared.

In the new Work From Home environment, more and more remote cybersecurity services are emerging, and it’s never been easier to outsource your cybersecurity affordably and protect your customers’ data. And support is also more accessible than ever. For example, SKOUT’s Security Operations Center stays open 24/7, 365 days a year, and most vendors will offer some form of assistance with remediation.

So what are your responsibilities when it comes to managing cybersecurity during this time of year?

Although your end users and your non-cyber employees might not need to know the most technical, IT/remediation based terms, they should have an understanding of the software and technology you use. For example, they should probably know how to use and change settings for Microsoft 365, G Suite, Salesforce, WordPress or any other software, and know how to update it. If you’re running a retail operation, you should make sure that your employees know how to keep your POS software up to date in the event that a security flaw is patched. Once you and your employees are up to speed on basic hardening practices to keep your devices a little more secure from attackers, all that you must do is make sure that you’re using the latest version of your software, and let your cybersecurity provider handle any major issues.

What will your cybersecurity provider do to protect you?

Your cybersecurity partner is responsible for monitoring your systems and networks continuously to look for any signs of abnormal or anomalous activities. With SKOUT, for example, we set up sensors in order to do so. Providers will often offer their own endpoint protection systems (or work with your existing solutions) to cover your devices and scan them for malware.

As more data and systems transition to the cloud, security vendors are also introducing cloud-based cybersecurity too. For example, vendors might offer solutions for cloud-based systems like Office 365, which will scan for unfamiliar or suspicious logins, or brute force attempts to access your network. And of course, to protect people from the growing threat of spam emails, phishing campaigns and malicious links, many vendors should offer some form of email protections or filters. Of course, if you need direct assistance with security concerns, your security partners should be ready to assist directly; and also to recommend the right professionals to assist with anything they don’t offer in-house.  

It’s not required – or even necessary – that you have a full cybersecurity team on staff and on the payroll during the holiday season. First, finding the right people is a difficult process in the current cybersecurity job market; and secondly you may not have the budget to handle that much additional headcount at premium salary rates. Your team should be able to handle the basics, and your cybersecurity partner should be managing everything else for you.