
Six essential steps to a successful cybersecurity program

26 Jun 2017

Organisations are naturally at a disadvantage in the fight against cybercriminals, but building a mature cybersecurity program can help overcome those problems - at least according to Empired.

Mark Blower, national business manager, Networks and Security at Empired, says that criminals concentrate on finding ways to attack businesses 24/7 in what is a highly lucrative industry. The problem is, not every organisation does the same.

"Too many businesses have inadequate protection against these well-funded, highly-motivated attackers. It’s essential to build a mature cybersecurity program to mitigate the risks," he says.

A program should deliver five core functions:

1. Identify: understand and prioritise the components that need protection and determine how that protection can best be provided.
2. Protect: implement processes, policies, and technology to protect assets.
3. Detect: keep in mind that attacks are inevitable, so it’s essential to be able to detect when the attack is occurring, may occur, or has occurred.
4. Respond: this requires a combination of people, processes, and technology.
5. Recover: have the ability to quickly recover from a successful attack.

But how do organisations start building a cybersecurity program?

"By taking these six steps, businesses can achieve a cybersecurity program to protect the business," Blower comments.

1. Prioritise, scope and orient: It’s important to identify business mission objectives and high level organisational priorities, then determine the scope of systems and assets that support those prioritised business lines or processes. The business should also identify related systems and assets, regulatory requirements, and the overall risk management approach.

2. Create a current state profile: Next, businesses should identify a framework to reference cyber control definitions, then develop a current profile against the framework by indicating what cyber controls currently exist in the organisation and their maturity.

3. Conduct a risk assessment: Understanding the risk is key. A cybersecurity risk assessment should be guided by the organisation’s overall risk management process. Using the information gathered in the initial stage, the team should identify potential threat vectors and analyse the operational environment to discern likelihood of a cybersecurity event and its potential impact. It should then evaluate the most likely and most dangerous threat scenarios that could occur.

4. Create a target state profile: The business needs to understand its ideal state. This profile should focus on the assessment of the identified controls, describing the desired cybersecurity outcomes at full maturity. It’s important to be pragmatic and aim only for what suits the organisation’s actual needs, not the perfect state according to best practices, as this is likely to be prohibitively expensive and resource-intensive. During this step, the business should consider the influences and requirements of external stakeholders such as sector entities, customers, and business partners.

5. Determine and prioritise gaps: By comparing the current profile with the target profile, businesses will be able to determine the gaps, then create a prioritised action plan that draws on mission drivers, cost benefit analysis, and understanding of risks. Then the team can determine what resources are required to create treatments or mitigations.

6. Implement the action plan: The final step is to determine what actions to take, then monitor cybersecurity practices against the target profile, measuring progress and always mapping it back to the risk, which is changing constantly.

"Simply focusing on compliance and ensuring tools and technology are updated will not help businesses overcome the persistent, advanced threats posed by committed cybercriminals. It’s essential to clearly understand the risks and how to mitigate them," Blower comments.

"Businesses should invest in a variety of technologies and tools to develop a mature cybersecurity posture that minimises the chances of a successful attack."
