
Six essential steps to a successful cybersecurity program

26 Jun 2017

Organisations are naturally at a disadvantage in the fight against cybercriminals, but building a mature cybersecurity program can help overcome those problems - at least according to Empired.

Mark Blower, national business manager, Networks and Security at Empired, says that criminals concentrate on finding ways to attack businesses 24/7 in what is a highly lucrative industry. The problem is, not every organisation does the same.

"Too many businesses have inadequate protection against these well-funded, highly-motivated attackers. It’s essential to build a mature cybersecurity program to mitigate the risks," he says.

A program should deliver five core functions:

1. Identify: understand and prioritise the components that need protection and determine how that protection can best be provided.
2. Protect: implement processes, policies, and technology to protect assets.
3. Detect: keep in mind that attacks are inevitable, so it's essential to be able to detect when an attack is occurring, may occur, or has occurred.
4. Respond: this requires a combination of people, processes, and technology.
5. Recover: have the ability to quickly recover from a successful attack.

But how do organisations start building a cybersecurity program?

"By taking these six steps, businesses can achieve a cybersecurity program to protect the business," Blower comments.

1. Prioritise, scope and orient

It's important to identify business mission objectives and high-level organisational priorities, then determine the scope of systems and assets that support those prioritised business lines or processes. The business should also identify related systems and assets, regulatory requirements, and the overall risk management approach.

2. Create a current state profile

Next, businesses should identify a framework to reference cyber control definitions, then develop a current profile against the framework by indicating which cyber controls currently exist in the organisation and their maturity.

3. Conduct a risk assessment

Understanding the risk is key. A cybersecurity risk assessment should be guided by the organisation's overall risk management process. Using the information gathered in the initial stage, the team should identify potential threat vectors and analyse the operational environment to discern the likelihood of a cybersecurity event and its potential impact. It should then evaluate the most likely and most dangerous threat scenarios that could occur.

4. Create a target state profile

The business needs to understand its ideal state. This profile should focus on the assessment of the identified controls, describing the desired cybersecurity outcomes at full maturity. It's important to be pragmatic and aim only for what suits the organisation's actual needs, not the perfect state according to best practices, as this is likely to be prohibitively expensive and resource-intensive.

During this step, the business should consider the influences and requirements of external stakeholders such as sector entities, customers, and business partners.

5. Determine and prioritise gaps

By comparing the current profile with the target profile, businesses will be able to determine the gaps, then create a prioritised action plan that draws on mission drivers, cost-benefit analysis, and understanding of risks. Then the team can determine what resources are required to create treatments or mitigations.

6. Implement the action plan

The final step is to determine what actions to take, then monitor cybersecurity practices against the target profile, measuring progress and always mapping it back to the risk, which is changing constantly.
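As an added illustration of steps 2 to 6 (current profile, risk assessment, target profile, gap prioritisation and progress measurement), and not code from Empired or from the article, the following Python model scores each control's gap by the risk it carries and the effort to close it. The 0 to 5 maturity scale, the likelihood × impact risk score, the cost weighting and the control names are constructed assumptions chosen for the example; a real program would take them from its chosen framework and its own risk assessment.

```python
"""Gap analysis between a current and a target control profile.

Added example, not Empired's method. The maturity scale (0-5), the
likelihood x impact risk score, the cost divisor and the sample controls
below are constructed assumptions for illustration only.
"""
from dataclasses import dataclass

MAX_MATURITY = 5   # assumed scale: 0 = absent, 5 = fully mature


@dataclass(frozen=True)
class Control:
    name: str
    function: str      # one of Identify / Protect / Detect / Respond / Recover
    current: int       # maturity observed today (step 2, current profile)
    target: int        # maturity the business actually needs (step 4)
    likelihood: int    # 1-5, from the risk assessment (step 3)
    impact: int        # 1-5, from the risk assessment (step 3)
    cost: int          # 1-5, relative effort to close the gap (step 5)


@dataclass(frozen=True)
class Gap:
    control: str
    function: str
    gap: int           # target - current maturity levels still to close
    risk: int          # likelihood * impact
    priority: float    # risk-weighted gap per unit of cost


def _validate(c: Control) -> None:
    """Reject profile entries outside the assumed scales."""
    for label, value, hi in (("current", c.current, MAX_MATURITY),
                             ("target", c.target, MAX_MATURITY),
                             ("likelihood", c.likelihood, 5),
                             ("impact", c.impact, 5),
                             ("cost", c.cost, 5)):
        lo = 0 if label in ("current", "target") else 1
        if not lo <= value <= hi:
            raise ValueError(f"{c.name}: {label}={value} outside {lo}-{hi}")


def find_gaps(controls: list[Control]) -> list[Gap]:
    """Step 5: compare current with target and rank the open gaps.

    Controls already at or beyond target produce no action item. Ranking
    multiplies risk by the number of maturity levels outstanding and divides
    by cost, so a cheap fix for a high-risk control floats to the top.
    """
    gaps = []
    for c in controls:
        _validate(c)
        outstanding = c.target - c.current
        if outstanding <= 0:
            continue                      # nothing to do for this control
        risk = c.likelihood * c.impact
        priority = round(risk * outstanding / c.cost, 2)
        gaps.append(Gap(c.name, c.function, outstanding, risk, priority))
    # Highest priority first; tie-break on name for a stable plan.
    gaps.sort(key=lambda g: (-g.priority, g.control))
    return gaps


def progress(controls: list[Control]) -> float:
    """Step 6: share of the target profile already achieved (0.0 to 1.0).

    Maturity above target does not count, since the target profile is the
    pragmatic ceiling the business chose, not a best-practice maximum.
    """
    total_target = sum(c.target for c in controls)
    if total_target == 0:
        return 1.0
    achieved = sum(min(c.current, c.target) for c in controls)
    return achieved / total_target


# Constructed sample profile: five controls, one per core function.
CURRENT_PROFILE = [
    Control("Asset inventory", "Identify", current=2, target=4,
            likelihood=4, impact=4, cost=2),
    Control("MFA for remote access", "Protect", current=1, target=4,
            likelihood=5, impact=5, cost=3),
    Control("Centralised log monitoring", "Detect", current=1, target=3,
            likelihood=4, impact=4, cost=4),
    Control("Incident response playbooks", "Respond", current=3, target=3,
            likelihood=3, impact=4, cost=2),
    Control("Offline backups tested", "Recover", current=2, target=4,
            likelihood=3, impact=5, cost=2),
]

if __name__ == "__main__":
    for g in find_gaps(CURRENT_PROFILE):
        print(f"{g.priority:6.2f}  {g.function:<8} {g.control} "
              f"(gap {g.gap}, risk {g.risk})")
    print(f"progress towards target profile: {progress(CURRENT_PROFILE):.0%}")
```

Running the block prints the prioritised action plan (the MFA gap ranks first because it combines the highest risk with the largest outstanding gap) and a 50% progress figure; re-running it after each review cycle with updated maturity levels, and after each risk reassessment with updated likelihood and impact, is what "mapping progress back to the risk" looks like in practice.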

"Simply focusing on compliance and ensuring tools and technology are updated will not help businesses overcome the persistent, advanced threats posed by committed cybercriminals. It's essential to clearly understand the risks and how to mitigate them," Blower comments.

"Businesses should invest in a variety of technologies and tools to develop a mature cybersecurity posture that minimises the chances of a successful attack."
