Have you ever thought about how you go about preparing your organisation for cyber-attacks and data breaches?
If you have, it is likely that the task is more complex than perhaps first thought. Where can you look for advice? One of the most trusted resources is the NCSC’s (National Cyber Security Centre) ten-step guide. In this article we will overview its guidance and recommend tools and resources to help you to take your journey to becoming cyber-secure.
Create a risk management regime
For your cyber security strategy to be effective, it will need to be supported by the board and management. Furthermore, it will need to be applied right across the business. After all, it’s no use having the IT department securing systems if no one else in the organisation does their part.
A risk management regime is a top-level framework for addressing security issues. It outlines the organisation’s budget and provides a broad plan of action. This is a system to notify individuals when new policies and procedures are created and a method for decision-making.
Scan regularly for Malware
Malware describes any software or code that has malicious effects. As the NCSC notes, “any exchange of information carries with it a degree of risk that malware might be exchanged”. You can reduce the risk with anti-malware software and policies that instruct employees to avoid actions that often lead to malware infections (such as opening attachments from unknown senders).
Secure your configurations
Misconfigured applications, databases and networks are one of the most common causes of delays and data breaches. The NCSC advises organisations to “develop a strategy to remove or disable unnecessary functionality from systems, and to quickly fix known vulnerabilities”.
The best way to do this is with penetration testing. This involves an ethical hacker looking for vulnerabilities in your systems in the same way as a crook would. Most weaknesses can be patched or otherwise addressed, relatively simply.
Review your network security
Cyber criminals often look to exploit the connections between your networks and the Internet. You can reduce this risk by implementing policies and architectural and technical responses. It won’t always be possible to cover the entirety of your networks. Therefore, you should focus on the parts of your organisation where data is stored and processed. This is where an attacker would have the opportunity to interfere with it”.
Manage user privileges
Organisations must always have access controls in place to ensure employees can only view information that’s necessary for their job. This reduces the threat of malicious insiders and insider error, and limits the amount of damage malicious behaviour can cause if they break into employees’ accounts.
Planned staff awareness training
Your employees are the people following your policies and procedures Therefore, they are directly responsible for keeping threats such as ransomware and phishing attacks out of your network.
Therefore, it is vital that you ensure all employees are given regular staff awareness courses. Such courses will cover the essentials of cyber security and specific topics, such as phishing, passwords, end point security and of course, the EU GDPR (General Data Protection Regulation).
Implement an incident management system
It’s essential for organisations to understand that, although their security measures can greatly reduce the risk of security incidents, a data breach will happen eventually. That’s why it’s important to implement a response procedure. The purpose of such a procedure is to improve an organisation’s ability to respond to all types of disruptions This includes cyber-attacks, technology failures, damage to equipment and bad weather events.
Set up system monitoring
System monitoring enables organisations to detect criminals’ attempts to attack systems and business services. Consequently, it plays a major role in your ability to detect data breaches. It also helps you determine whether your systems are being used appropriately and in accordance with your policies.
Enforce policies regarding removable devices
Often, criminals often bypass an organisation’s network security measures by injecting malware into USB ports. Storage devices such as USB sticks to use the popular term and other removable devices are often used for this. When an employee plugs the device into a work computer, the malware spreads to other computers.
We strongly recommend you don’t allow the use of USB ports for storage devices. Removable devices in the workplace should be prohibited. Locking down of USB ports is also recommended. This might not be possible for you. In this instance, you should enforce policies about how removable devices are used.
Set up procedures for home and mobile workers
Bad weather, traffic, problems with the trains or the sharing parental duties are all employee challenges for businesses. It is now normal for employees to be given remote access to their organisation’s systems. They might work from home permanently or occasionally, or simply need access to their accounts on the go. Each come with their own risks, and organisations need to establish policies and procedures to deal with them.
With Covid-19, working from home is now the new normal and means a fundamental change for all businesses.
For example, remote workers’ internet connections won’t have the same protections as the office network. Until security can be improved, you should consider revoking access to more sensitive files and applications. Forexample, you should also train employees on the risks associated with remote access. You should advise them on how to stay secure. The use of VPN technology is again, strongly recommended.
If you want to know what to know more and how Cyber Essentials can help you assess your security posture, you can book a review call here. Or you can call us on 03333 22 1011.