
Six essential steps to a successful cybersecurity program

26 Jun 2017

Organisations are naturally at a disadvantage in the fight against cybercriminals, but building a mature cybersecurity program can help overcome those problems - at least according to Empired.

Mark Blower, national business manager, Networks and Security at Empired, says that criminals concentrate on finding ways to attack businesses 24/7 in what is a highly lucrative industry. The problem is, not every organisation does the same.

"Too many businesses have inadequate protection against these well-funded, highly-motivated attackers. It’s essential to build a mature cybersecurity program to mitigate the risks," he says.

A program should deliver five core functions:

1. Identify: understand and prioritise the components that need protection and determine how that protection can best be provided.
2. Protect: implement processes, policies, and technology to protect assets.
3. Detect: keep in mind that attacks are inevitable, so it’s essential to be able to detect when an attack is occurring, may occur, or has occurred.
4. Respond: this requires a combination of people, processes, and technology.
5. Recover: have the ability to quickly recover from a successful attack.

But how do organisations start building a cybersecurity program?

“By taking these six steps, businesses can achieve a cybersecurity program to protect the business," Blower comments.

1. Prioritise, scope and orient

It’s important to identify business mission objectives and high-level organisational priorities, then determine the scope of systems and assets that support those prioritised business lines or processes. The business should also identify related systems and assets, regulatory requirements, and the overall risk management approach.

2. Create a current state profile

Next, businesses should identify a framework to reference cyber control definitions, then develop a current profile against that framework by recording which cyber controls currently exist in the organisation and their maturity.

3. Conduct a risk assessment

Understanding the risk is key. A cybersecurity risk assessment should be guided by the organisation’s overall risk management process. Using the information gathered in the initial stage, the team should identify potential threat vectors and analyse the operational environment to discern the likelihood of a cybersecurity event and its potential impact. It should then evaluate the most likely and most dangerous threat scenarios that could occur.

4. Create a target state profile

The business needs to understand its ideal state. This profile should focus on the assessment of the identified controls, describing the desired cybersecurity outcomes at full maturity. It’s important to be pragmatic and aim only for what suits the organisation’s actual needs, not the perfect state according to best practices, as this is likely to be prohibitively expensive and resource-intensive.

During this step, the business should consider the influences and requirements of external stakeholders such as sector entities, customers, and business partners.

5. Determine and prioritise gaps

By comparing the current profile with the target profile, businesses will be able to determine the gaps, then create a prioritised action plan that draws on mission drivers, cost-benefit analysis, and an understanding of the risks. The team can then determine what resources are required to create treatments or mitigations.

6. Implement the action plan

The final step is to determine what actions to take, then monitor cybersecurity practices against the target profile, measuring progress and always mapping it back to the risk, which is changing constantly.
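The profile comparison, risk-weighted prioritisation and budget-bound action plan described in steps 2 to 6 can be expressed as a small script. The following Python is an added illustration, not Empired's method or code from the article: the maturity scale (0 = control absent, 4 = optimised), the control names, the likelihood and impact ratings and the costs are all constructed sample values, and the "risk addressed per unit of cost" ranking is one simple cost-benefit rule among many an organisation could choose.

```python
from dataclasses import dataclass
from typing import List

# Constructed maturity scale for this example: 0 = control absent, 4 = optimised.
# The five function labels match the article; every number below is illustrative.


@dataclass(frozen=True)
class Control:
    name: str
    function: str      # Identify / Protect / Detect / Respond / Recover
    current: int       # current-state profile: maturity today
    target: int        # target-state profile: pragmatic goal, not "perfect"
    likelihood: int    # 1..5, taken from the risk assessment
    impact: int        # 1..5, taken from the risk assessment
    cost: int          # rough cost to close the gap (arbitrary units)


def risk_score(c: Control) -> int:
    """Likelihood x impact, the usual qualitative risk rating."""
    return c.likelihood * c.impact


def gap(c: Control) -> int:
    """How many maturity levels the current profile falls short of the target."""
    return max(c.target - c.current, 0)


def priority(c: Control) -> float:
    """Risk addressed per unit of cost; a control with no gap scores 0."""
    g = gap(c)
    return 0.0 if g == 0 else risk_score(c) * g / c.cost


def prioritised_gaps(controls: List[Control]) -> List[Control]:
    """Step 5: compare the profiles, keep only controls with a gap, rank them."""
    return sorted((c for c in controls if gap(c) > 0), key=priority, reverse=True)


def action_plan(controls: List[Control], budget: int) -> List[Control]:
    """Step 6 (simplified): take gaps in priority order while budget remains."""
    plan, remaining = [], budget
    for c in prioritised_gaps(controls):
        if c.cost <= remaining:
            plan.append(c)
            remaining -= c.cost
    return plan


def open_risk(controls: List[Control], plan: List[Control]) -> int:
    """Progress measure mapped back to risk: total rating of gaps still open
    once the controls in `plan` have been brought up to target."""
    closed = {c.name for c in plan}
    return sum(risk_score(c) for c in controls
               if gap(c) > 0 and c.name not in closed)


# Constructed sample profile covering each of the five functions.
SAMPLE_CONTROLS = [
    Control("Asset inventory", "Identify", 1, 3, 4, 4, 2),
    Control("MFA for remote access", "Protect", 0, 3, 5, 5, 5),
    Control("Centralised log monitoring", "Detect", 1, 3, 4, 3, 6),
    Control("Incident response playbooks", "Respond", 2, 3, 3, 4, 1),
    Control("Tested backups", "Recover", 3, 3, 3, 5, 4),   # already at target
    Control("Patch management SLA", "Protect", 2, 4, 5, 4, 4),
]


if __name__ == "__main__":
    plan = action_plan(SAMPLE_CONTROLS, budget=8)
    for c in prioritised_gaps(SAMPLE_CONTROLS):
        print(f"{c.function:<8} {c.name:<28} gap={gap(c)} risk={risk_score(c):>2} "
              f"cost={c.cost} priority={priority(c):.1f}")
    print("plan within budget:", [c.name for c in plan])
    print("open risk before:", open_risk(SAMPLE_CONTROLS, []),
          "after:", open_risk(SAMPLE_CONTROLS, plan))
```

Running it ranks the five open gaps, excludes the backup control that already meets its target, and shows the open-risk figure falling as the plan is executed; re-running with updated `current` values after each cycle is the "monitor and map back to risk" loop the final step calls for.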

“Simply focusing on compliance and ensuring tools and technology are updated will not help businesses overcome the persistent, advanced threats posed by committed cybercriminals. It’s essential to clearly understand the risks and how to mitigate them,” Blower comments.

“Businesses should invest in a variety of technologies and tools to develop a mature cybersecurity posture that minimises the chances of a successful attack.”
