Cyber security and the process of protecting important information from unauthorised access should now be an essential activity for all organisations. As recent high profile breaches have shown, an inability to manage, monitor and react to security threats can have a lasting impact on business continuity and can undermine investor confidence, damage brand image and lead to significant costs in both the short- and long-term.
It is no longer viable to merely have a sophisticated system in place: this system must be reviewed and updated on a daily basis in order to adapt alongside an organisation's infrastructure and the threat landscape.
Questions you should be able to answer
When addressing cyber security issues, there are several questions that all organisations should be able to answer:
1) Who is currently responsible for the Information Security Activities within the company? If it is the Head of Security or Chief Information Officer then it is vital that they provide regular intelligence updates to management about who might compromise security, while listing their methods and motivations.
2) What company data is most valuable and who in the organisation has access to it? Cyber security is now a strategic risk management issue, so organisations must always be aware of insider threats. Privileged users such as system and network administrators pose the greatest risk to security according to a recent survey. This is due to their wide-ranging access to important data.
3) Can you see what is going in and out of the security system on a daily basis? Investing in network visibility can be crucial to preventing unauthorised access. It is impossible to stop attacks that you cannot see, so organisations should attempt to gain a holistic view of the environment by monitoring for threats, violations of network policies and erroneous behaviour in the network.
4) Is there a cyber incident response plan? This is one of the more crucial questions! This can be difficult to implement effectively as it requires a seamless integration between the business and security teams. Constantly developing, reviewing and practicing response plans can improve the effectiveness of reacting quickly and efficiently to incidents. The benefits are significant, as better decision-making can remediate potential damage.
Other questions every company should be able to answer include: is there a threat awareness program for senior management and employees and who is responsible for monitoring the Internet of Things (IoT) and social media for possible threats and information?
If you cannot answer any of the above questions,it means your Cyber Security strategy needs to be reviewed and you need to deploy an effective Cyber Security plan. For a detailed dicsuccion or just some advice please get in touch with our Cyber Security team on: +44 (0)20 7014 0230.
This blog has been written by Jack Skinner - Cyber Security Consultant, please contact Jack on: +44 (0)20 7014 0230 or send an email to firstname.lastname@example.org.
Montash is a multi-award winning, global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy & Technologies, Demand IT and Business Engagement, Digital and E-commerce, Leadership Talent, Infrastructure and Service Delivery, Project and Programme Delivery.
Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.