We all know cyber-crime is a serious and growing threat. According to Cisco, 31% of organisations have experienced cyber attacks. Accenture reports that the average global cost of cyber-crime increased by over 27% in 2017. Cyber-crime isn’t going away without a fight.
Cyber security poses the challenge of our times. And as the frequency of security breaches grows, so does the natural desire to find quick solutions to seemingly complex problems.
But as with any complex problem, the first step is to formulate a strategy and a plan - covering your people, processes and technologies.
> The cyber threats and risks continue to grow at a pace that can be difficult to keep up with...
What is a cyber security improvement programme?
To combat cyber threats, you need the right people, processes and tools to secure your systems and data. All three need to work together for this to work.
Just like a burglar, a hacker looks for an easy way in. Setting up a high-tech home security system is a great step. But if nobody locks the door, you just threw left yourself vulnerable.
Weak passwords are the unlocked window. Phishing is your aunt letting in the gas man who turns out to be a con man. You can reduce risk with a cyber security improvement programme that supports and protects your business - and ensures you are not a soft target for criminals.
Step 1: Build understanding of cyber threats
With huge data breaches and ransomware attacks hitting the headlines in recent years, you could be forgiven for assuming your users understand these threats. In reality, while users might be aware that threats exist, they either don’t know how cyber attacks occur or don’t follow best practices.
Therefore, the first step is to make sure your users know the basics of phishing scams, how ransomware infiltrates an organisation and how to protect themselves from email fraud.
Your users are the weakest link.
Step 2: Identify vulnerabilities
Next, you need to identify your most critical vulnerabilities, so you can address the biggest threats and types of infiltration most likely to affect your organisation. This means developing an inventory on direct and indirect communications systems and hardware. It also means making your users aware of the vulnerabilities they themselves create. For example, by choosing a weak password.
Yes, weak passwords still exist! In fact, some businesses are even running IT systems with the dreaded default logins:
USERNAME = Admin
PASSWORD = Admin
It doesn’t take a criminal mastermind to find 10 or 20 of your employees on LinkedIn, try some common password combos and just walk onto your network to access sensitive data and critical IT applications. It can be that simple.
Here's a simple example of this. One of our ethical hackers was performing a penetration test and hacked into the IT Director’s email. He then used this account to ask the team for their Admin passwords – 2 of the 4 replied.
The moral of the story? Don’t assume what your users know. Don’t be afraid to go back to basics and do make them aware of the most common tactics used by cyber-criminals.
Step 3: Determine the risk of exposure
You might have the same vulnerabilities as the business next door. But how exposed those vulnerabilities are is unique. This is a good time to engage in a security audit to determine:
- If you’re compliant according to regulations governing your industry and jurisdiction.
- Whether your 3rd-party relationships are increasing your threat exposure.
- How you are maintaining and recording due diligence.
- Whether you have critical vulnerabilities that aren’t sufficiently defended.
You need to determine the risk of exposure to any individual or combination of vulnerabilities to get a clear picture of your cyber-security risk.
Step 4: Develop your detection & protection measures
You can now better inform your IT team and users on how to identify attempts to breach your cyber-security. Instead of an overwhelming task, your preparatory steps help you hone in on the most pressing, likely and risky threats.
This means you can reduce the likelihood of cyber attacks and minimise the impact of any threats detected.
Step 5: Contingency planning
Understanding, minimising and detecting threats sets you in good stead for combating them before they become business critical.
But even the best-laid plans can have their own vulnerabilities. A part of any good cyber security awareness programme should include a plan B. If despite your best efforts, ransomware or a data breach manages to break through your systems and processes, you need to have a Major Incident plan that minimises downtime and wider business impact.
Step 6: Test and revise your cyber security improvement programme
If you’ve had to implement your contingency plan, it’s time to review the effectiveness of your whole programme. Though you shouldn’t wait until a threat becomes a reality. Ethical hackers can help you put your programme to the test and regular audits will help you keep track of security incidents so you know where you need to concentrate your efforts.
- How to create strong passwords you can remember
- What are the different types of malware?
- 8 Most common cyber attacks explained
- How often should you audit your cyber security & who should do it?
- Pros and cons of outsourcing your cyber security: In-house or Managed SOC?
About Comtact Ltd.
Comtact Ltd. is a government-approved Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC).
Located at the heart of a high security, controlled-access Tier 3 data centre, Comtact's state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK's leading organisations.