Cyber Security – Reducing the Impact
According to the National Cyber Security Centre, most cyber-attacks are composed of four stages: Survey, Delivery, Breach and Affect. The following security controls, applied at each stage of an attack, can reduce your organisation’s exposure to a successful cyber-attack.
We’ve used this handy guide as an outline for you to follow. See what you think. But first, a short paragraph on who might be attacking you…
…Who might be attacking you?
Cyber criminals – interested in making money through fraud or from the sale of valuable information.
Industrial competitors and foreign intelligence services – interested in gaining an economic advantage for their companies or countries.
Hackers – who find interfering with computer systems an enjoyable challenge.
Hacktivists – who wish to attack companies for political or ideological motives.
Employees, or others with legitimate access – through accidental or deliberate misuse.
So there are a number of reasons why your business could be targeted; the question is how you reduce the chance of an attack succeeding and limit the damage when one does. You should be thinking in terms of when, not if: if you don’t take action, it will only be a matter of time before you experience an incident or an attack.
SURVEY
User Education
Train all users to consider what they include in publicly available documents and web content. Users should also be aware of the risks of discussing work-related topics on social media, and of the potential to be targeted by phishing attacks.
DELIVERY
Network Perimeter Defences – Make sure you can block insecure or unnecessary services, or only allow permitted websites to be accessed.
Malware Protection – Make sure you can block malicious emails and prevent malware being downloaded from websites.
Password Policy – Make sure you can prevent users from selecting easily guessed passwords and lock accounts after a small number of failed attempts.
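The two halves of that control, a deny-list check on new passwords and a lockout after a small number of failed attempts, are shown together below. This is an added example, not code from the original page or from the NCSC guidance it summarises. The deny-list, the minimum length, the five-attempt threshold and the fifteen-minute lockout are constructed values chosen for illustration; a real deployment would check candidates against a full breached-password list and tune the thresholds to its own risk appetite.

```python
"""Password policy check plus failed-login lockout (added example).

Assumptions: COMMON_PASSWORDS, MIN_LENGTH, MAX_FAILED_ATTEMPTS and
LOCKOUT_SECONDS are illustrative values, not taken from the page above.
"""
import time

# Constructed deny-list of easily guessed passwords. In practice this is a
# large breached-password set (e.g. a Pwned Passwords hash list), not six words.
COMMON_PASSWORDS = {"password", "password1", "123456", "qwerty", "letmein", "welcome1"}

MIN_LENGTH = 12
MAX_FAILED_ATTEMPTS = 5      # lock the account after this many consecutive failures
LOCKOUT_SECONDS = 15 * 60    # how long the lock lasts before it expires

# Undo the usual "leet" substitutions so P@ssw0rd is caught as password.
_DELEET = str.maketrans("@$013!", "asoiei")


def check_password(candidate: str, username: str = "") -> list[str]:
    """Return the list of policy violations; an empty list means accepted."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    lowered = candidate.lower()
    normalised = lowered.translate(_DELEET)
    if lowered in COMMON_PASSWORDS or normalised in COMMON_PASSWORDS:
        problems.append("appears on the common-password deny-list")
    if username and username.lower() in lowered:
        problems.append("contains the user name")
    return problems


class LoginGuard:
    """Tracks consecutive failed logins per account and enforces a temporary lock."""

    def __init__(self, clock=time.time):
        self._clock = clock                       # injectable for deterministic tests
        self._failures: dict[str, int] = {}
        self._locked_until: dict[str, float] = {}

    def is_locked(self, username: str) -> bool:
        until = self._locked_until.get(username)
        if until is None:
            return False
        if self._clock() >= until:
            # Lock has expired: clear it and reset the failure counter.
            del self._locked_until[username]
            self._failures.pop(username, None)
            return False
        return True

    def record_failure(self, username: str) -> bool:
        """Record one failed attempt; returns True if the account is (now) locked."""
        if self.is_locked(username):
            return True
        count = self._failures.get(username, 0) + 1
        self._failures[username] = count
        if count >= MAX_FAILED_ATTEMPTS:
            self._locked_until[username] = self._clock() + LOCKOUT_SECONDS
            return True
        return False

    def record_success(self, username: str) -> None:
        """A successful login clears the consecutive-failure counter."""
        self._failures.pop(username, None)


if __name__ == "__main__":
    print(check_password("P@ssw0rd", "alice"))                 # two violations
    print(check_password("correct horse battery staple"))      # []
    guard = LoginGuard()
    for _ in range(MAX_FAILED_ATTEMPTS):
        guard.record_failure("alice")
    print("alice locked:", guard.is_locked("alice"))           # True
```

The lockout is keyed on the account, not the source address, so a distributed guessing attempt against one user still trips it; the expiry keeps the control from becoming a permanent denial-of-service lever against legitimate users.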
Secure Configuration – Restrict system functionality to the minimum needed for business operation, and apply this systematically to every device that is used to conduct business.
BREACH
Patch Management – Apply patches at the earliest possibility to limit exposure to known software vulnerabilities.
Monitoring – Monitor and analyse all network activity to identify any malicious or unusual activity.
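Monitoring only pays off if someone has written down what "unusual" looks like. The following is an added example, not code from the original page: it runs two simple detections over constructed sshd-style log lines, a burst of failed logins from one source within a short window, and a successful login from a source that has just produced such a burst (the signal that a guessing attack worked). The sample log, the 60-second window and the five-failure threshold are all constructed for illustration; the year is assumed because syslog timestamps do not carry one.

```python
"""Brute-force and success-after-failures detection over auth logs (added example).

Assumptions: SAMPLE_LOG is constructed, not from a real host; FAIL_THRESHOLD,
WINDOW and the assumed year are illustrative values.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5            # failures from one source within WINDOW raise an alert
WINDOW = timedelta(seconds=60)
ASSUMED_YEAR = 2024           # syslog lines carry no year

# Constructed sample in OpenSSH/syslog format (addresses are documentation ranges).
SAMPLE_LOG = """\
Mar  3 10:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Mar  3 10:00:03 host sshd[1202]: Failed password for root from 203.0.113.7 port 51235 ssh2
Mar  3 10:00:04 host sshd[1203]: Failed password for root from 203.0.113.7 port 51236 ssh2
Mar  3 10:00:06 host sshd[1204]: Failed password for alice from 203.0.113.7 port 51237 ssh2
Mar  3 10:00:08 host sshd[1205]: Failed password for alice from 203.0.113.7 port 51238 ssh2
Mar  3 10:00:09 host sshd[1206]: Accepted password for alice from 203.0.113.7 port 51239 ssh2
Mar  3 10:05:00 host sshd[1207]: Failed password for bob from 198.51.100.9 port 40001 ssh2
Mar  3 10:06:00 host sshd[1208]: Accepted publickey for bob from 198.51.100.9 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse(line: str):
    """Return a dict for an sshd auth line, or None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=ASSUMED_YEAR)
    return {"ts": ts, "result": m["result"], "user": m["user"], "src": m["src"]}


def detect(log_text: str) -> list[tuple[str, str, str]]:
    """Return alerts as (kind, source_ip, detail) tuples, in log order."""
    alerts = []
    recent_failures = defaultdict(list)   # source ip -> failure timestamps in window
    flagged_sources = set()               # avoid re-alerting on every further failure
    for line in log_text.splitlines():
        ev = parse(line)
        if ev is None:
            continue                      # unrelated line; in production, count these
        window = recent_failures[ev["src"]]
        # Slide the window: discard failures older than WINDOW relative to this event.
        window[:] = [t for t in window if ev["ts"] - t <= WINDOW]
        if ev["result"] == "Failed":
            window.append(ev["ts"])
            if len(window) >= FAIL_THRESHOLD and ev["src"] not in flagged_sources:
                flagged_sources.add(ev["src"])
                alerts.append(("brute_force", ev["src"],
                               f"{len(window)} failures within {WINDOW.seconds}s"))
        elif len(window) >= FAIL_THRESHOLD:
            # A success right after a burst of failures is the higher-priority signal.
            alerts.append(("success_after_failures", ev["src"],
                           f"accepted login for {ev['user']} after {len(window)} recent failures"))
    return alerts


if __name__ == "__main__":
    for kind, src, detail in detect(SAMPLE_LOG):
        print(f"{kind:24} {src:16} {detail}")
```

Bob's single failure followed by a key-based login is left alone; the point of the window and threshold is to separate a typo from a guessing campaign, and the "success after failures" rule is what turns a noisy brute-force alert into one worth waking someone up for.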
Malware Protection – Ensure that the malware protection within the internet gateway can detect malicious code in an imported item.
Secure Configuration – Remove unnecessary software and default user accounts. Ensure default passwords are changed, and that automatic features that could activate malware are turned off.
User Access – Ensure well maintained user access controls can restrict the applications, privileges and data that users can access.
User Training – User training is extremely valuable in reducing the likelihood of successful social engineering attacks.
Device Controls – Devices within the internal gateway should be used to prevent unauthorised access to critical services or inherently insecure services that may still be required internally.
AFFECT
Controls for the Affect Stage
Once an attacker has achieved full access, it is much harder to detect their actions and eradicate their presence. This is where a more in-depth, holistic approach to cyber security can help.
We also came across this inspirational TED talk by cyber security geek James Lyne. Well worth a watch.