5 steps to a better cybersecurity program

At a glance

  • Cybersecurity can be complex and confusing, but there are some basic steps that can help your clients develop a more robust cybersecurity program.
  • Starting with the basics and building upon them goes a long way in helping to protect companies in case of a cyber event.
  • An overall plan should define who takes the lead, who is on retainer for outside assistance, and internal and external communication in responding to a cyber incident.

Do your clients know who is responsible for cybersecurity in their company? Are they not sure where to begin to ensure their program is up to the test of a cyberattack? Or, perhaps a manager who isn’t directly responsible just wants to understand the risks. Cybersecurity can be complex and confusing, but there are some basic steps that can help your clients develop a more robust cybersecurity program.

Recommended actions for your clients may include:

1. Take a complete and accurate inventory of IT assets.

Security of any type is concerned with protecting assets. In the case of cybersecurity, those are information assets. But how can your clients begin to protect those assets if they don’t know exactly what and where those assets are?

Having a complete inventory of their information assets is a great starting point for any cybersecurity program. Get a complete and accurate network diagram. Maintain a ledger of all devices connected to that network including applications, operating systems and version numbers for each device.

2. Have a vulnerability management and patching program tied to an inventory of assets.

Knowing where each network device resides is only half the battle. It is even more important to always know the vulnerability status of each device, so companies should run automated vulnerability scans of their entire network at least monthly, preferably more frequently. Reviewing the vulnerability reports and applying the recommended patches as quickly as possible is also key.

Vulnerabilities are what hackers are seeking in networks because, when left unpatched, they can be exploited in such a way that the hacker can take control of that device, establish a network presence, and eventually find their way to other valuable assets on the network.

3. Conduct an awareness and training program for all users.

The users of a network – the employees, vendors, contractors and customers – can be the greatest vulnerability in terms of cybersecurity. And again, as vulnerabilities, they may be targeted by hackers via phishing or social engineering scams in order to get them to do something – reveal private information, transfer unauthorized funds or expose a password – that eventually compromises network security.

Educate users – publish an “Acceptable Use Policy.” Train users on safe email and browsing practices and on how to recognize social engineering scams, and teach them how to create a complex but easily remembered password. Investing in user awareness will not cost much compared with other components of a cybersecurity program, but the return on investment can be substantial.

4. Continuously monitor information assets.

Continuous security monitoring is recommended for your client’s network. Most, if not all, devices on their network are capable of generating continuous log data reporting activity on the device at any point in time. By aggregating, correlating and querying this data, indicators of compromise can prompt an alert to the network administrator or security official, resulting in quick threat eradication.
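The aggregate-correlate-alert loop described above, as an added example written for this page (not code from the article): it parses a few constructed log lines, flags a device that is missing from the asset ledger built in step 1, and raises an alert after repeated failed logins from one source. The ledger, log lines, addresses and threshold are all constructed for illustration.

```python
"""Added example: correlate constructed log lines against an asset ledger."""
import re
from collections import defaultdict

# Constructed asset ledger (step 1 inventory); hostnames and addresses are made up.
ASSET_LEDGER = {
    "10.0.1.10": {"host": "fileserver01", "os": "Windows Server 2019"},
    "10.0.1.20": {"host": "web01", "os": "Ubuntu 22.04"},
}

# Constructed sample log lines: "<timestamp> <device> <process> <message>".
SAMPLE_LOGS = """\
2024-05-01T08:00:01 10.0.1.20 sshd Failed password for admin from 203.0.113.5
2024-05-01T08:00:03 10.0.1.20 sshd Failed password for admin from 203.0.113.5
2024-05-01T08:00:05 10.0.1.20 sshd Failed password for root from 203.0.113.5
2024-05-01T08:00:09 10.0.1.20 sshd Accepted password for deploy from 10.0.1.10
2024-05-01T08:01:00 10.0.1.99 dhcpd DHCPACK on 10.0.1.99 to aa:bb:cc:dd:ee:ff
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<dev>\S+) (?P<proc>\S+) (?P<msg>.*)$")
FAIL_RE = re.compile(r"Failed password for (?P<user>\S+) from (?P<src>\S+)")


def parse(log_text):
    """Aggregate: turn raw lines into event dicts, skipping unparseable ones."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()


def correlate(log_text, ledger, fail_threshold=3):
    """Correlate events and return human-readable alerts for the administrator."""
    alerts = []
    failures = defaultdict(int)   # (device, source) -> failed login count
    unknown_seen = set()
    for ev in parse(log_text):
        dev = ev["dev"]
        # A device that logs but is not in the ledger is itself an indicator.
        if dev not in ledger and dev not in unknown_seen:
            unknown_seen.add(dev)
            alerts.append(f"unknown device {dev} is not in the asset ledger")
        m = FAIL_RE.search(ev["msg"])
        if m:
            key = (dev, m.group("src"))
            failures[key] += 1
            if failures[key] == fail_threshold:   # alert once when threshold hit
                alerts.append(f"{fail_threshold} failed logins on {dev} from {key[1]}")
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS, ASSET_LEDGER):
        print("ALERT:", alert)
```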

5. Plan for incident response.

Assume something will go wrong, no matter how good their cybersecurity program is.

An overall plan should define who takes the lead, who is on retainer for outside assistance (legal, forensic, law enforcement), and internal and external communication in responding to a cyber incident. Have a “playbook” for different scenarios: data breach, IoT intrusion, ransomware, etc. Once the playbooks and plan are in place, practice them, test them and fine-tune them.

Starting with the basics and building upon them goes a long way in helping to protect companies in case of a cyber event.
