Boost Cyber Resilience – Here’s What Cybersecurity Agencies are Recommending
IT Risk & Cyber Risk | 4 Min Read | 10 March 22 | by Patricia McParland
In today’s digitized era, businesses exist not only in the physical world but also in the virtual world. Some companies exist only in the virtual world – all it takes is a website and a connection to get started. Today, we work from anywhere, across networks and devices. While this has significantly improved the ease of doing business, we are now exposed to cyber risk more than ever.
In this hyper-connected business environment, where organizations depend heavily on one another’s digital services, a cybersecurity incident at one organization can quickly spread to and cripple connected businesses. What makes the situation worse is that data breaches often go undetected until it is too late: according to the Cost of a Data Breach 2021 report, it takes 287 days on average to identify and contain a data breach.
The need to strengthen cyber defense mechanisms and safeguard critical organizational assets cannot be overstated. So, what steps can your organization take right now to become more cyber resilient?
Useful Advice from U.S., U.K. and EU Governments
Governments and security agencies regularly issue regulations, frameworks, and guidance to help organizations amp up their cybersecurity measures. Here are some of the prominent regulatory bodies around the world and the advice they have to share.
Protect Against Ransomware with NIST
In the U.S., the National Institute of Standards and Technology (NIST) published a draft on “Cybersecurity Framework Profile for Ransomware Risk Management”, providing guidance to organizations to prevent, respond to, and recover from ransomware attacks.
More recently, the agency announced its plans to revise the framework to keep up with the ever-evolving cybersecurity landscape and published “Ransomware Risk Management: A Cybersecurity Framework Profile.”
“This Ransomware Profile can help organizations and individuals to manage the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events. The profile can also be used to identify opportunities for improving cybersecurity to help thwart ransomware,” the document reads.
Ongoing Advice from CISA and the FBI
Elevated cyber risk is a key concern for the U.S. government, which regularly issues guidance and best practices. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are all good sources to follow. Top recommendations to improve your cyber resilience include:
- Require multi-factor authentication
- Ensure that all software is up to date, especially software with known vulnerabilities
- Implement strong controls and policies
- Focus on identifying and quickly assessing any unexpected or unusual network behavior
- Ensure antivirus/antimalware software is up to date
- Designate a crisis-response team
- Assure availability of key personnel
- Conduct a tabletop exercise
- Test backup procedures
- Test controls
In the UK, the National Cyber Security Centre (NCSC), a part of the Government Communications Headquarters (GCHQ), has also highlighted actions to take when the cyber threat is elevated, including:
- Check system patches to ensure they are up to date
- Verify access controls
- Ensure defenses like anti-virus software are working
- Log and monitor incidents
- Review backups
- Ensure that your incident management plan is current
- Check and perform a vulnerability scan of your internet footprint
In the EU, the European Union Agency for Cybersecurity (ENISA) and CERT-EU have jointly issued a set of cybersecurity best practices for public and private organizations. This useful set of practices overlaps with the above and also includes some unique tips:
- Maintain tight control over third-party access to your internal networks and systems to prevent and detect potential attacks should a third party be compromised.
- Pay special attention to hardening your cloud environments.
- Review your data backup strategy and use the so-called 3-2-1 rule approach: keep three complete copies of data, with two of them locally stored but on different types of media, and at least one copy stored off-site.
- Conduct regular training to ensure that IT and system administrators have a solid understanding of security policy and associated procedures.
- Block or severely limit internet access for servers or other devices that are seldom rebooted, as they can be used to establish back-door access.
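The 3-2-1 rule above is easy to state and easy to drift away from as backup jobs are added over time. The following script, an added example that is not part of the article or of the ENISA/CERT-EU guidance, audits a backup inventory against the rule exactly as the article phrases it (three copies, two local copies on different media types, at least one off-site copy) and reports which part of the rule each dataset fails. The inventory format, field names and sample records are constructed for illustration.

```python
"""Audit a backup inventory against the 3-2-1 rule.

Added example; the record layout below is an assumption, not any
product's export format.  One record describes one copy of a dataset:
'media' is the storage technology, 'offsite' says whether the copy
lives outside the primary site (cloud, remote DC, vaulted tape).
"""

# Constructed sample inventory (not real infrastructure).
SAMPLE_INVENTORY = [
    {"dataset": "finance-db", "media": "disk", "location": "hq-nas", "offsite": False},
    {"dataset": "finance-db", "media": "tape", "location": "hq-vault", "offsite": False},
    {"dataset": "finance-db", "media": "object-store", "location": "cloud-eu", "offsite": True},
    # Three copies, but both local copies sit on the same media type.
    {"dataset": "hr-files", "media": "disk", "location": "hq-nas", "offsite": False},
    {"dataset": "hr-files", "media": "disk", "location": "hq-nas2", "offsite": False},
    {"dataset": "hr-files", "media": "disk", "location": "cloud-eu", "offsite": True},
    # Only two copies and nothing off-site.
    {"dataset": "crm", "media": "disk", "location": "hq-nas", "offsite": False},
    {"dataset": "crm", "media": "tape", "location": "hq-vault", "offsite": False},
]


def evaluate_321(copies):
    """Return the list of rule violations for one dataset (empty list = compliant).

    Checks, in order: at least three copies; at least two local copies,
    and those local copies on at least two different media types; at
    least one off-site copy.
    """
    problems = []
    if len(copies) < 3:
        problems.append(f"only {len(copies)} copies (need 3)")

    local = [c for c in copies if not c["offsite"]]
    local_media = {c["media"] for c in local}
    if len(local) < 2:
        problems.append(f"only {len(local)} local copies (need 2)")
    elif len(local_media) < 2:
        problems.append("local copies share one media type: " + ", ".join(sorted(local_media)))

    if not any(c["offsite"] for c in copies):
        problems.append("no off-site copy")
    return problems


def audit_inventory(inventory):
    """Group copies by dataset and evaluate each one.

    Returns {dataset_name: [violations]} so callers can alert on any
    dataset whose list is non-empty.
    """
    by_dataset = {}
    for rec in inventory:
        by_dataset.setdefault(rec["dataset"], []).append(rec)
    return {name: evaluate_321(copies) for name, copies in sorted(by_dataset.items())}


if __name__ == "__main__":
    for name, problems in audit_inventory(SAMPLE_INVENTORY).items():
        status = "OK" if not problems else "FAIL: " + "; ".join(problems)
        print(f"{name:12s} {status}")
```

The check only confirms that the right number and placement of copies exist; it cannot tell whether a copy is complete or restorable, which is why the "test backup procedures" and "review backups" items in the CISA and NCSC lists still need a periodic restore test alongside an inventory audit like this one.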
Now is the time to strengthen your organization’s cyber defense mechanism and protect against the looming cyber threats.
What Else Can Cybersecurity Teams Do to Build Resilience?
Encourage a security-aware mindset among employees. Using strong passwords, multi-factor authentication, a virtual private network (VPN), and other such measures goes a long way toward improving organizational security. Security teams must also back up critical data and information.
Closely monitor IT vendors and third parties. Third parties and vendors can serve as an entry point for a breach or attack. Security teams must identify IT vendors, classify them into “critical” and “non-critical” categories based on their access to organizational assets, perform due diligence, and raise red flags on an ongoing basis.
Implement strong policies and controls, and gain visibility across your risks. Define and maintain business entities such as IT risks, assets, threats, vulnerabilities, processes, and controls in a central repository, and regularly test and monitor controls for effectiveness.
Explore how MetricStream can help – click here to request a personalized demo.
For more advice, please contact us at firstname.lastname@example.org.