In these times when cyber attacks happen more and more frequently, being adequately prepared for them is crucial. It’s the job of security experts to secure our most precious data from cyber attacks like data breaches and consequential identity theft – however, it’s up to us to adequately prepare both ourselves and our systems for a possible attack. We have to be prepared because we never know when attackers might strike and what they target first.
Preparing For an Attack – Prerequisites
To adequately prepare ourselves and our applications for an attack, we first have to answer a couple of questions:
- What application are we protecting?
- What is the application built on? What programming languages are in use?
- How many users does the application have? Are we selling a product to them?
- If we’re selling anything, what are we selling? Is our product a software-as-a-service (SaaS) item? Do we have paying customers? How many?
- What data does the application store?
- Did we have prior experience with cyber attacks?
These are just a couple of questions we need to consider to craft a cyber attack preparation plan. You see, the answers to these questions are vital because when we know what we’re protecting, how many users we have, and answer a couple of other questions, it would be way easier for us to plan our cyber security strategy because then we’ll know where to turn.
Preparing For an Incident
Once we have answers to at least some of the aforementioned questions, we have the things that are vital to prepare for a cyberattack. Start from the top and move towards the bottom:
- Remember the programming language the application is built on. Did we use any frameworks when building our app? Familiarize yourself with the threats that may apply to that framework.
- Do we store data? What are we trying to achieve by storing data inside of our web application? Is all of it necessary? Try to minimize the amount of data that your application stores – the fewer data classes are stored by our web application, the better it is from a security perspective. Less data consumes less disk space as well!
- Did we use any additional plugins or similar things when developing our application? Are all of them up to date? Make sure all of the plugins that are being used are an absolute necessity to complete the functionality offered by your web application and always keep them up to date to avoid any security flaws targeting them.
- If the functionality of the application is to function as a SaaS provider, keep in mind that using payment gateways like the one provided by Stripe or other payment vendors will lessen our risk of being attacked on that front – the providers of these payment gateways have security in mind and it all saves us time too because we don’t have to build out a payment functionality as well!
- What industry are we serving? If we’re serving an IT-related industry (software, cybersecurity, etc.), it’s likely that our application would see an increased number of cyberattacks as time goes on, however, if we’re simply running an e-commerce store, the number of potential cyberattacks is likely to be drastically lower.
- Do we have any prior experience with cyber attacks? Prior experience tells us more than we could imagine – did the problem get delegated to the security crew of our company? Did the CEO of our company hire a team of forensic experts to look at the problem? Chances are that we learned from the things that happened in the past – remember the conclusions that were made at the end of the day and learn from them.
If you’re a security expert working at a company, also consider the option of conducting a company-wide cyber security assessment to assess the stance of the company on the cyber front: paying for an assessment will always be cheaper than paying for a data breach. Some companies also conduct cybersecurity-related training and train all employees on the threats that they might face when doing their job (they’re taught how to identify phishing emails, familiarize themselves with a couple of cybersecurity concepts, etc.)
Completing cybersecurity training improves the stance of every company making employees ready to respond to the majority of the threats that might target the company or themselves.
Preparing for a cyber attack won’t be the same without looking into the incidents that have occurred in the past – data breach archives and search engines like BreachDirectory can help us identify not only what data breaches have already happened and what we can learn from them, but also let us quickly and easily check whether we’re at risk of identity theft. Input your email, username, IP address, or domain inside of the data breach search engine and not even a second later get a response whether you’re at risk or not:
Make use of the data breach search engine and BreachDirectory’s ability to inform you once your account appears in a future data breach to protect yourself – on the other hand, if you’re running a company, the BreachDirectory API capability can be immensely useful when completing OSINT-related tasks and implementing data breach data into a part of your website to protect your clients.
Whatever the case, make use of the things that have happened in the past to protect your future.
In this blog, we’ve walked you through a couple of steps that you must consider to be adequately prepared for a cyber attack. Make sure you have answers to at least some of the aforementioned questions and evaluate your options on the cyber front to stay safe from cyber attacks both now and in the future. We hope you’ve enjoyed reading this blog, stay tuned for more news on the cyber front, and until next time!