Why your ICT department is overwhelmed with securing your organisation!
Roger Smith
4 x author on securing #nonprofits, #SMEs, Associations and Charities from cyber events using enhance #cybersecurity concepts. Start now, do the self assessment and get your baseline!
When it comes to business security, outsourcing to a business security provider, is not, in reality, outsourcing.
The combination of knowledge, capability, expertise and understanding makes a business security provider, more a partner than a contractor.
Business security is no longer a one-trick pony based on information technology (ICT). Securing an organisation against a cyber event has to be done based on threats, risks, vulnerabilities, mitigation and a little crystal ball input and if you have one, a magic wand would help.
In addition to all of the above playing ‘what if’ scenarios makes the organisation more robust.
A managed business security service provider (MBSSP) involvement is a top-down approach to cybersecurity and when done correctly reduces the impact of a cyber event.
It involves looking at the organisation as a whole and implementing a ‘holistic’ approach to making the organisation more secure, but also more functional, more capable and more importantly more able to react to business and industry change without having to significantly change the nature and culture of the organisation.
There are no quick fixes, but there are a number of quick wins when it comes to business security. Those quick wins increase the security around the organisation significantly.
Quick wins are basic responses to the issues a cyber event presents. They include the ASD essential 8 and can be implemented in the space of a couple of days or weeks.
The essential 8 is the minimum response to cybersecurity and a cyber event and should be implemented by your IT team or provider. It is usually where the standard managed service provider sits when it comes to protecting an organisation.
The essential 8 consists of the following:
- Patch applications, application hardening and patch operating systems - patch everything and remove anything non-essential from computers. (3)
- White list application - only authorised applications can run on the device.
- 2-factor authentication - augments username and password by adding a third component for users and systems.
- Do a backup of critical data.
- Reduce the number of people with admin access and no administrator account has an email account or surfs the internet.
- Manage office application macros - they are the simplest way to target users.
Always on system
A business security process should bring a number of new and flexible systems to your organisation.
The most important is a simple monitoring and management solution that help them, and you, increase the visibility of digital assets in the business environment.
These systems also track known vulnerabilities and exploits and deliver solutions to remediate them.
In addition, these monitoring systems can be used to report on the computers, servers, smart devices, cloud-based infrastructure and internet-based components of your business.
This, in turn, increases the visibility of the business requirements.
Proactive trumps reactive
A monitoring system will always allow the organisation to be more proactive.
It removes the knee jerk reactions that can be caused by a cyber event and allows proactive systems to take over the situation and manage it correctly.
Adds a 360-degree view
There are parts of digital systems that standard users do not normally have access to.
These systems, mostly, have a logging and reporting system.
These systems are managed by centralized systems, machine learning or artificial intelligence and deliver alerts and reports so that we humans can interact and react to the information.
This allows us to be able to see, manage and react to initial symptoms of a cyber event before it becomes a problem.
There is a rule, more like a standard.
The 1,10,60 rule / standard. An exploit should be discovered within 1 minute, reacted to within 10 minutes and remediate within the hour.
To do that you need the right systems and the right people with the right expertise.
To do that you need help.
The longer it takes to be informed the bigger the impact of a cyber event.
Roger Smith is the Director of client security for Care MIT
He is an award-winning educator and best selling author in the business and cybersecurity space with a focus on making all business environments more secure and stable.