Reading Time: ~ 3 min.

A popular military maxim speaks to the need for redundancy and
it goes like this: “Two is one and one is none.” Redundancy is also a key
principle when it comes to cyber-resilience. A popular rule in data protection and
disaster recovery is called the 3-2-1
backup rule
. IT pros often borrow from military strategies when approaching
cyber-resilience, including a strategy known as “defense in depth.”

Defense in depth is a useful framework for protecting IT
environments. It acknowledges that hackers will often use evasive tactics or
brute force to overrun the outer-most layer of defense. So, multiple layers of
defense are necessary – or defense in depth – to anticipate and mitigate lost
ground. Cyber-resilience is a very high priority for businesses. So, we put
together these five tips for improving cyber-resilience based on a
defense-in-depth approach.

Tip #1: Sharpen perimeter defenses

Cybercriminals are getting better at using evasive tactics
to circumvent company firewalls and antivirus. Some of these evasive tactics
include file-based, file-less, obfuscated and encrypted script attacks. To
counter these tactics, we’re rolling out a new shield technology to detect,
block and remediate evasive attacks much faster and more effectively than
before. Webroot®
Evasion Shield
stops attacks that elude other endpoint protection
solutions. Cloud-based threat intelligence further increases resilience at the

Tip #2: Strengthen the first line of defense – people

The primary vector for malware distribution is phishing
. While cybercriminals find increasingly deceptive ways to trick
employees into downloading malicious code, not enough businesses are countering
by educating their workforces about identifying suspicious activity. With
employees being the weakest link in the cyber-security chain, the solution is regular
awareness training
, with phishing simulations and courses on best practices
for identifying and reporting suspicious activity.

Tip #3: Secure your DNS connection

The domain name system (DNS) is what allows internet traffic
to find your website. But DNS protocols were not designed for security. In
fact, they’re highly vulnerable to cyberattacks, including cache poisoning,
DDoS, DNS hijacking, botnets, Command-and-Control (C&C) and man-in-the-middle
attacks. A cloud-based
DNS security solution
enables businesses to enforce web access policies and
stop threats at the network’s edge before they ever hit the network or

Tip #4: Create and deploy a backup strategy 

Redundancy is essential for cyber-resilience. Businesses must
consider a scenario where malware circumvents outer defenses. Since detecting
and remediating malware infections can be time-consuming, it’s important to
have copies of files and data for business continuity. Scheduled
with file versioning is necessary for mitigating malware infections
and other forms of data loss. The scheduling feature is crucial since leaving
it up to users exposes backup policy to human error.

Tip #5: Test recovery strategy regularly

Backup and recovery go hand-in-hand. And backup is only
effective if it enables rapid recovery with minimal disruption. It’s important
to test disaster recovery practices and procedures before you experience a live
disaster scenario. Disasters come in different shapes and sizes, so it’s
important to test simple file and folder recovery as well as large-scale system
restore. Also, some systems are more critical than others. Tier-one systems (the
most critical) need high levels of uptime, approaching 100%. This traditionally
requires a secondary data center that is very costly to acquire and maintain.
This is no longer the case. Disaster recovery
as a service
reduces the cost of standing up a secondary environment. It
also allows for frequent testing of disaster recovery protocols. Businesses
should test once a quarter – or at least once a year – to ensure systems are cyber-resilient
when necessary.

To get started on the road to cyber resilience, take a fee trial here.

The post 5 Ways to Improve Business Cyber-Resilience appeared first on Webroot Blog.