Mean Time To Respond (MTTR)

SMBs should strive to have the lowest possible MTTR that is commercially reasonable to achieve for their business. The best way to accomplish this is to have strong cybersecurity measures in place including the following:

• Network Intrusion Detection and possibly Prevention with logging and alerting from a Security Incident Event Management (SIEM) solution in place
• A robust Incident Handling Process
• Network performance monitoring and alerting
• Application performance monitoring and alerting

The more visibility into your network and applications you have, such that you can record normal daily activities, the more likely you are to identify abnormalities and strange network activity quickly. This will help you lower your MTTB and take proactive actions to protect your network.

Additional Protections All SMBs should have in place

In order to stay secure and lower the chances of becoming a victim of an attack, your company needs to take proactive measures. CyberHoot recommends the following best practices to avoid, prepare for, and prevent damage from these attacks:

• Adopt two-factor authentication on all critical Internet-accessible services
• Adopt a password manager for better personal/work password hygiene, to house unique 14+ character passwords for every account
• Require Governance Policies (WISP, Password, Acceptable Use, Information Handling, Incident Response, and VAMP)
• Follow a 3-2-1 backup method for all critical and sensitive data
• Train employees on cybersecurity skills they need such as strong password hygiene and how to spot and avoid phishing attacks
• Test that employees can spot and avoid phishing emails by testing them
• Document and test Business Continuity Disaster Recovery (BCDR) plans
• Perform a risk assessment every two to three years

Start building your robust, defense-in-depth cybersecurity plan at CyberHoot.