Opinion, advice, and analysis by the TNW community

Zero-day exploits: 14 things to remember when an issue is discovered

Server
Scott Gerber
Story by
Scott Gerber

Scott Gerber is the founder of Young Entrepreneur Council (YEC), an invite-only organization comprised of the world’s most successful young entrepreneurs. YEC members rep… (show all) Scott Gerber is the founder of Young Entrepreneur Council (YEC), an invite-only organization comprised of the world’s most successful young entrepreneurs. YEC members represent nearly every industry, generate billions of dollars in revenue each year and have created tens of thousands of jobs. Learn more at yec.co.

YEC

Zero-day exploits can be detrimental to businesses. However, depending on how you handle an incident when it occurs, you might be able to mitigate the damage.

That’s why, in a world of ever-changing cyber threats, entrepreneurs should understand how to take action if an issue is discovered. To find out more, we asked members of Young Entrepreneur Council the following:

What is your preferred method for handling zero-day exploits? Why does this approach work so well?

Here’s what they had to say:

1. Close off public access wherever possible

Zero-day exploits, by definition, are brand new, so there’s a critical period between when a vulnerability is discovered and when a patch becomes available. To limit your exposure, don’t leave any services or ports open to the public that don’t have to be. Also, it’s important to have a robust, practiced incident response plan in place to deal with any attacks during that time. – Jaime ManteigaVenkon.us

2. Use managed hosting services

By definition, zero-day vulnerabilities can’t be predicted, but preparation can mitigate the damage. Zero-day vulnerabilities are often exploited via phishing attacks, so employees should be trained to understand the risks and how to avoid them. But, for most entrepreneurs, the best way to handle zero-days is to hire a security expert or use a managed service for web and server hosting. – Corey NorthcuttNorthcutt Enterprise SEO

3. Rely on statistics-based detection

One of the best techniques for handling a zero-day exploit is using statistics-based detection in order to detect irregularities or exploits within a defined system. This technique utilizes machine learning in order to create a baseline for what a “safe” system looks like. Based on aggregated data, machine learning algorithms can then determine if an exploit is occurring. – Blair ThomaseMerchantBroker

4. Use a Content Delivery Network

Place something in the middle of incoming requests and your server. A content delivery network like Cloudflare mitigates vulnerabilities by using a separate domain name server. This stops hackers and malicious activity before it even gets to your server. A good CDN uses its own firewall protection and acts as a built-in virtual private network hiding access to your data. – Brian GreenbergTrue Blue Life Insurance

5. Engage in preventative security practices

Use of firewalls, blacklisting and whitelisting software and robust antivirus protection is crucial for preventing zero-day exploits from occurring. Vulnerability scans and intrusion prevention systems offer network protection with content validation and forensics, application integrity checking and third-party validation that reduces the chances of malicious infiltrations and preventing attacks. – Rahul VarshneyaResumeSeed

6. Evaluate and quarantine

Zero-day exploits can take the form of viruses, worms and other types of malware. Understand your exposure and quarantine as quickly as possible. Make certain that your cybersecurity software doesn’t just cover known threats, as zero-days are vulnerabilities previously unknown. The software employed should be behavioral versus signature-based and possess offensive and defensive capabilities. – Susan RebnerCyleron, Inc.

7. Have an incident response team ready

While everyone knows that prevention is the best way to avoid a zero-day exploit, that is not always going to work. A zero-day exploit by its nature tries to take a company by surprise, so it’s best to have a team ready for whatever is thrown at you. Invest in your team. Give them the tools and training needed to limit the impact of an attack while ensuring business continuity at the same time. – Shu SaitoGodai

8. Disable and uninstall non-essential software

Disable or uninstall any software that is not essential to the operation of your business, provide comprehensive patches to all affected areas, then disable the chain of the exploit wherever possible. That’s the best comprehensive approach for handling zero-day exploits. – Andrew SchrageMoney Crashers Personal Finance

9. Involve your PR and marketing team

In order to handle the exploit on a technical level, you need to delegate tasks to your tech team and prioritize what’s most critical. Beyond that, you’ll want to involve your PR and marketing teams to ensure that the exploit doesn’t have long-lasting consequences for your brand image. Remember that many stakeholders are watching, so the messaging you put out should instill confidence, not fear. – Frederik Busslerbitgrit Inc.

10. Divide your team

When a zero-day exploit pops up, we divide our team into various groups. One group handles the customer support side of things, which helps those who were impacted by the exploit. The other half of our team works on getting the issue patched before further issues arise. – David HenzelLTVPlus

11. Lock down your systems

In the event of a zero-day exploit, my advice is to lock everything down immediately and go offline. Your customers and clients may be temporarily inconvenienced if you go dark for a while, but the alternative is so much worse. This is the best way to ensure that the security of your business and your clients are protected while your IT team can figure out how to solve the issue. – Bryce WelkerThe Big 4 Accounting Firms

12. Use updated browsers

Browsers are often easy targets for zero-day exploits and attacks, so it’s important to keep them updated. Browser updates are usually automatic but make sure to check out specific browser update instructions for the particular browser you’re using. – Stephanie WellsFormidable Forms

13. Educate your employees

The more that people know about potential vulnerabilities, the better they can identify a zero-day exploit. Many developers will not disclose this information, so the burden falls on you and the IT department to warn about these back doors. Share mandatory seminars on online security, while updating browsers regularly. Employees will appreciate knowing safe computer habits to prevent breaches. – Patrick BarnhillSpecialist ID, Inc.

14. Go into maintenance mode

Don’t be afraid to put your website in maintenance mode when you discover a zero-day exploit. Make sure you let consumers know that you’re working on the site and it will be back up shortly. You may lose out on some sales during this time, but that’s nothing compared to the tens of thousands of dollars and lack of consumer trust that follows a website breach. – Blair WilliamsMemberPress

Published September 27, 2019 — 09:00 UTC