

Rezo Butchers

10 Steps To Cyber Security

In GCHQ we continue to see real threats to the UK on a daily basis, and the scale and rate of these attacks shows little sign of abating. The BIS 2014 Information Security Breaches Survey reported that 81% of large organisations had experienced a security breach of some sort. This costs each organisation, on average, between £600,000 and £1.5 million.

10 Steps to Cyber Security

Connecting to untrusted networks (such as the Internet) can expose your organisation to cyber attacks. Follow recognised network design principles when configuring perimeter and internal network segments, and ensure all network devices are configured to the secure baseline build. Filter all traffic at the network perimeter so that only traffic required to support your business is allowed, and monitor traffic for unusual or malicious incoming and outgoing activity that could indicate an attack (or attempted attack).

Assess the risks to all types of mobile working (including remote working where the device connects to the corporate network infrastructure) and develop appropriate security policies. Train mobile users on the secure use of their mobile devices for locations they will be working from. Apply the secure baseline build to all types of mobile device used. Protect data-at-rest using encryption (if the device supports it) and protect data-in-transit using an appropriately configured Virtual Private Network (VPN).

A risk management regime also helps keep the board involved in your cyber security efforts, and enables you to adjust your approach as the threat landscape changes. For example, you might request changes or additions to your cyber security policies or staff awareness programme.

USBs and other removable devices are the source of many security issues. Not only are they often used to inject malware but they are also involved in many insider incidents. Employees are prone to losing removable devices or leaving them plugged into computers where unauthorised parties can access them.

The 10 Steps to Cyber Security is guidance from the National Cyber Security Centre designed to help organisations manage their cyber security risks. The steps break down the task of protecting your organisation into 10 components. The 10 Steps guide was first introduced in 2012 and has been widely adopted by the public sector and industry including the NICS.

Our computer systems and network are evolving rapidly so the NCSC has recently updated the 10 Steps to Cyber Security guidance to include topics on cloud security and remote working. Adopting the security measures covered by the 10 Steps reduces the likelihood of cyber attacks occurring, and minimises the impact to the organisation when incidents do occur.

This guidance is recommended for security professionals and technical staff that include but are not limited to ICT staff, Information Asset Owners (IAO), Senior Information Risk Owners (SIRO), System Owners, System Administrators and Architects, Application/Software Developers, IT Technical & Support Staff, ICT system contractors and many more.

Data breaches can often provide several types of information that a cybercriminal may find useful, from documents and intellectual property, to credit card and financial data. In some cases, cyber attackers may even obtain information about you, your employees and customers.

Simply put, cyber attacks put your investment, data and IT systems at risk. If a cybercriminal gains unauthorized access to your systems, they could cause damage to the information they may find. These may include:

Following an attack, getting your business up and running again is only the first obstacle. Small organizations can face several repercussions if they fail to take the necessary steps to improve their cyber security:

Cybersecurity best practices should not only be established but kept up to date and followed to keep up with such versatile threats. Based on GCHQ guidelines, presented below are the 10 steps SMEs need to be taking to ensure better cyber security practices:

Dimitri graduated with a degree in electronic and computing before moving into IT and has been helping people with their IT issues for the last 8 years. A regular contributor to, Dimitri holds a number of industry qualifications, writing on subjects focusing on computer networks and security.

Owl Cyber Defense provides a comprehensive range of data diodes, one-way hardware communications devices, that help critical infrastructure organizations design, implement and monitor their cyber security best practice strategy and policies. Owl products are used throughout the world and in all critical infrastructure applications, including chemical, commercial facilities, communications, critical manufacturing, defense, emergency services, energy, financial services, food & agriculture, government, healthcare, information technology, nuclear reactors, transportation, and water & wastewater.

5. Vulnerability Management: VMC is one of the core modules in our CDC activity for Radar Services and is also included in Radar Solutions. This measure is an important element in reducing cyber attack surfaces.

6. Identity and Access Management (IAM): By linking events from a customer's IAM system, integrated into the Log Data Pipeline, with the results of our log data analysis (LDA) and correlation, we can provide a holistic view of the security status of our customer organisations.

7. Data security: Security is about data. Essential data needs to be stored in a secure and reliable fashion. Security measures are defined in order for your data to be stored on-premise with all necessary technical and organisational measures.

8. Log monitoring: Logging and monitoring are important functions of our security products. They form the basis of our log data analytics technology, which also acts as a SIEM (Security Information and Event Management).

9. Incident management: Our Cyber Defense Center, located in Vienna, is a central point for the detection and management of security incidents that threaten the ongoing operation of facilities. We work closely with our clients to detect and remediate cyber threats.

The bottom line: Organisations and industries are well advised to incorporate all the steps mentioned above into their security plans and to rely on a service product such as Radar Services managed through our CDC, or to draw on CDC technology solutions such as RADAR Solutions for an in-house Cyber Defense Center (or Security Operations Center). Stay safe and secure!

5. Invest in cyber insurance. Take out a policy that addresses the potential losses from cyber breaches, including damage to digital assets, business interruption, and reputational harm.

6. Raise awareness. Many breaches are preventable, but policies alone are not enough to prevent inadvertent human errors. Your organization must take proactive steps to educate employees about the evolving threats associated with mobile devices, malware, phishing, and other cyber attacks. Conduct training at least annually and for all new employees, and retain all training attendance records and materials.

8. Protect consumers and customers. Devise a plan for notifying affected people in the event of a cyber attack. If your employees are client-facing, train them on how to detect anomalous or fraudulent customer requests.

According to the 2020 Global Risk Report developed by the World Economic Forum, cyber-attacks and data breaches now feature in the top 10 most likely risks to businesses, while also featuring prominently in relation to potential impact.

As the frequency and disruptive potential of cyber-attacks increases each year, so does the cost. According to the 2019 Cost of Cybercrime study carried out by Accenture, the total cost of cybercrime in 2018 increased by 12% over the prior year and 72% over the previous five years.

These guiding principles offer business leaders advice on how to improve cybersecurity and how to protect their information assets. They can be applied to almost all organizations regardless of their size, location or sector.

The NCSC guidance relates closely to that of an information security management system (ISMS). An ISO 27001 certified ISMS identifies the assets you value, like personal and customer data or financial information, and seeks to protect them.

User education and awareness: All employees and third-party contractors need to be aware of key risks and how to report incidents. This can be achieved through security briefings as part of a new starter induction program, followed up regularly throughout their time with the company.

Incident management: The ability of any organization to contain an incident and then return to business as usual as quickly as possible is vital following an information security event. ISO 27001 requires organizations to include information security within their information security continuity management process. This also helps to demonstrate compliance with the EU General Data Protection Regulation (GDPR).

Information risk management regime: Management sets the tone in any organization. Where top management take information security management seriously, it will help instill a risk-aware culture throughout the company. ISO 27001 is explicit in requiring top management to give their support and clear direction.

Managing user privileges: Users can be a major source of information leakage and only allocating access based on roles will reduce errors and support the responsibilities incumbent on the user to ensure they follow good security practices.

A core part of cyber-resilience is making breaches difficult. Microsegmentation delivers substantial value to that end. By isolating every device, identity, and IoT and IoMT sensor, you prevent cyberattackers from moving laterally across networks and infrastructure.



