‘Essential 9’ focus areas that form a blueprint for Security Risk Management.
With cyber security breaches at epidemic proportions and governments across the globe actively encouraging greater awareness and action, we’ve taken a look at the ‘Essential 9’ focus areas that form a blueprint for Security Risk Management.
Preventing infection from malware is both a technical and human challenge. Phishing and DDoS attacks grow ever more sophisticated and dangerous. Robust, dynamically updated anti-virus/malware protection must be deployed along with wider defence policies across the organisation.
Networks are the lifeblood of operations and must be protected at all costs. Rigorous defence measures should be in place across the ever-expanding attack surface area. Malicious traffic and unauthorised content must be immediately identified and nullified. Ongoing security testing and controls should be formalised.
Security Breach Management
Before a breach occurs, formalise an incident response plan that includes disaster recovery and business continuity protection. Consider the impact a breach may have and mitigate adverse business consequences. Regularly re-examine incident management plans through formalised security testing processes. Whilst negative publicity and PR will always be a concern, criminal incidents should be reported to law enforcement authorities.
Workforce Education & Awareness
95% of security breaches are attributable to human error, making the workforce a key defence resource and, simultaneously, the weakest link in the chain. Ongoing and engaging security awareness and training is key to embedding security policies and diligent use of systems.
Removable Hardware Control
Memory sticks and other plug-in speed saving devices are regularly used in the corporate world. Controls that limit the use of all removable media should be introduced. Scanning files and media at the point of introduction, before they can access corporate systems, is security best practice.
Secure Systems & Applications
A growing number of user-owned devices are connecting to corporate networks, and a baseline build for all devices should be applied before access is granted. Ongoing device build policy and system configuration should be continuously reviewed, with security updates and patches always up to date. Create an automatic inventory of all devices connecting to and accessing systems.
Manage User Access
Control and limit who has access to specific business applications and systems. Establish an effective management process whereby access is strictly controlled and limited. Privileged user access should be on a business-need basis and user activity must be scrutinised. Monitoring and maintaining system access and audit logs will help identify suspicious activity.
Network & System Monitoring
Establish a ‘24 x 365’ monitoring process as a core element of security activity. Whether in-house or through a security partner, continuously monitoring all systems and networks, including analysing logs for any unusual activity, will help identify any potential attacks.
Home and mobile working has, of course, increased over recent times, and ‘Hybrid’ working is the new norm. Develop a flexible working policy that forms a core element of employee security awareness and training. Secure and pre-established software builds for all devices should be a formalised ‘business as usual’ requirement.
Protecting your systems and data from a cybersecurity breach should be given the same level of importance as legal, regulatory, financial and operational priorities. Risk management attitudes will vary across industry sectors, but the unforeseen consequences of a security breach can be catastrophic, with the organisation’s very survival under threat.