1. Conduct regular employee training and awareness programs. Phishing and social engineering attacks are the most common cybersecurity risk and have become more sophisticated with artificial intelligence. Continuous training can help employees recognize phishing attempts and develop best practices for password security to minimize the risk. Even if there is not time for extensive training, quick email remainders can be very effective in these last weeks of the year.
2. Strengthen access controls. Review and strengthen data controls by limiting access to the roles that need it and immediately removing access from employees who are no longer with the organization. The latter may seem basic in the abstract, but it is easy to forget when an employee is leaving. Creating clear and practical processes to regularly clean up access privileges is an important risk mitigation step.
3. Update software, accelerate systems patching, and protect endpoints. Keep all software up to date, particularly antivirus software. Updating operating systems and software regularly will reduce vulnerabilities to system security breaches. It is also important to accelerate security patching upon receipt of alerts. Malicious actors receive the same alerts and will race you to the vulnerability. Finally, ensure all endpoints are protected by an appropriate endpoint detection and response tool.
4. Increase email security. Phishing and email fraud are still some of the most common cyberattack methods. Strengthen your email security by implementing advanced email filtering systems that will identify and block malicious emails, consider flagging external email messages, and educate employees about risks related to opening attachments or clicking on links from unverified sources.
5. Examine network traffic for irregularities. Use the most current network monitoring programs to detect irregularities or anomalies in network traffic. Spotting potential incidents before they occur gives your organization time to quickly mitigate risk.
6. Create and regularly test an Incident Response Plan. Have an up-to-date plan with clear protocols to identify, contain, eradicate, recover, and report cybersecurity incidents and ensure timely updates are made when there are changes to your organization. Also, schedule a tabletop exercise to test the plan. A cross-functional exercise should involve business unit managers, a review of roles and responsibilities of internal stakeholders, and a review of organizational decisions that must be made during the incident response process.
7. Use VPNs and protect them with multi-factor authentication. As many employees will be traveling during the holiday season, encourage the use of secure Virtual Private Networks when accessing corporate networks remotely. This ensures that data transmission remains encrypted and secure. It is also important to require multi-factor authentication for users accessing VPNs for external access to networks. This will substantially reduce the likelihood of unauthorized access to networks.
8. Back up critical data regularly. Apply a strong data backup strategy for important business data, and back up information regularly to in order to conduct a quick recovery in the event of data loss or a cyber-attack. If possible, keep one complete set of backup data offline to ensure its availability for system restoration.
9. Run periodic security audits and assessments. Periodically assess your organization's security posture using wide-ranging security audits and scans. Identify vulnerabilities and address them in your systems and processes to stay a step ahead of cyber threats.
10. Engage cybersecurity experts. Consider collaborating with outside cybersecurity experts to conduct annual penetration testing and vulnerability assessments. Their insights into the ever-evolving threat landscape can help identify security gaps in your organization’s security framework.

The distractions of the holiday season offer the perfect opportunity for threat actors to exploit gaps in your cybersecurity posture. By prioritizing some of the tips and tricks above, your organization can better protect the environment from a cybersecurity incident.

The Constangy Cybersecurity & Data Privacy Team assists businesses of all sizes and industries develop a comprehensive incident response plan or support with a breach.  We are here to help!  The Constangy Cyber Team is available 24/7.  Contact us at breachresponse@constangy.com or by phone at 877-DTA-BRCH.