All companies should develop and maintain clear and robust policies for safeguarding critical business data and sensitive information, in the form of Makarov Cyber Security Planning, Protecting their reputation and discouraging inappropriate behaviour by employees. As with any other business document, cyber security policies should follow good design and governance practices, not so long that they become unusable, not so vague that they become meaningless, and reviewed on a regular basis to ensure that they stay pertinent as your business needs change.
Cyber Security Planning Framework
To develop the framework of a cybersecurity plan firstly decide who in your organisation will be responsible for developing, implementing, and enforcing the cybersecurity policy. You need a senior manager within the organisation who will take control and have the authority to make high-level decisions. This will be especially important in case of a breach where quick action is needed to mitigate loss. It is also necessary to define how each role in the organisation is responsible for adhering to cyber policy, and communicate and distribute the policies to your personnel.
The organisation my already have security policies in place, such as an ‘Acceptable Use Policy’ and an ‘Internet Access Policy’. Rules for employees to follow to help protect your network’s security. If you don’t have these then develop and put them in place now. These policies will cover the use of company laptops, mobile phones, email, internet use, remote access, and employee-owned devices.
Your policies will only be as good as your employee’s knowledge and willingness to adhere to them. Arm your employees against email phishing scams. Educate on how hackers are most likely to get into your system. Make sure your employees know what to do if they think there is any type of security breach.
Makarov Cyber Security Plan
A cyber security plan is an organisation’s written guide to follow and improve its overall risk management and defences against the on-going threat of cybercrime. Instead of starting from scratch, organisations can devise a cyber security strategy using a framework developed by the U.S. National Institute of Standards and Technology, or NIST. The framework is meant to help organisations, protect national security, jobs and privacy” in five phases.
To protect your organisation, you first must know what you have that’s worth protecting. This initial step involves accounting for all of the organisation’s assets, including personnel, systems, machines, users, endpoint devices, networks, and both stored and transmitted data. That accounting, as well as the risk assessment and vulnerability testing of those assets, will be unique for everyone. Don’t overlook steps needed to protect the physical devices that house your cyber information.
Once an organisation is aware of what is valuable, it will be able to take immediate protective actions. This involves everything from patching systems to implementing two-factor authentication to locking down employee mobile devices. This step includes bringing all of those identified assets up to the security standard set by the organisation. Based on the risk assessment and vulnerability testing done during the identify phase, each organisation can create a unique formula for protection and close any loopholes. Implement a password policy, and a schedule to change passwords on a regular basis. Limit access to critical assets as not everyone in the organisation will have the same “need to know” access to information and passwords.
Encryption is key, the process that encodes your data in such a way that it is unreadable unless you have the right “key” (usually a password). Encryption can be applied to your wireless networks, hard drives, a file, even USB drives. Terminated employees, even those that leave on good terms, can become security liabilities, intentionally or not. Have a procedure in place to decommission user accounts and devices. Keeping up-to-date on patch updates to operating systems and software is critical. Not updating leaves your network and devices vulnerable to hackers.
An organisation next needs to put the tools in place to monitor for threats, including everything from managed firewalls, intrusion detection and protection, antivirus/malware protection, distributed denial of service, threat analytics and insider threat, and, for government agencies. These tools work continuously to detect threats, monitoring the network, systems and people to spot anomalies that could cause harm. Viruses, ransomware, keyloggers, botnets, Trojans, the cyber world is full of devious, malicious programs. Unfortunately, there is not really one antivirus or antimalware program to rule them all. The best security system will have multiple layers of protection. Not sure which programs would be best to protect your business?
Firewalls are a critical component to your organisation’s network security, as cyber crime increases and evolves, so does firewall security by necessity. It cannot be understated that cybersecurity requires constant vigilance. For large organisations, continuous scanning can also provide insight into performance trends of the security system, be connected to feeds, provide authentication scans and more. An intrusion detection system should be installed to observe what’s happening inside your network and alert you to any suspicious actions.
What happens when those tools detect a threat? That’s where an organisation’s response plan comes into play. In some instances, the security tools themselves will respond to the threat automatically. In others, the organisation or a third party must respond manually. To respond correctly, the organisation must have a standard operating procedure for each type of potential threat. These procedures should identify what actions a threat should trigger, which people take what steps and who gets notified.
Even with top-notch security in place, breaches can occur. That’s why building a recovery plan is crucial. The plan should address what tools, actions or partner will be responsible for recovering systems and applications. Business units specialising in marketing and public relations also have a role to play in recovery as breaches can be a menace to any brand’s reputation and public image. These departments should know ahead of time what messages to publicise and how to best spread the word. Organisations should also take steps to understand how the same situation could be avoided in the future. Part of the recovery process involves updating the organisation’s response plan with any lessons learned. Ensure you have a regular backup schedule and the information is stored securely.
Makarov Cyber Security Planning – Living Document
While these five steps may work as a framework for an organisation’s cyber security plan, putting them in place is just the beginning. Maintaining the plan requires regular drills to test for weakness and continual updates based on new threats, as well as changes to the organisation itself including changes in endpoint devices, networks and users. An organisation’s security plan is a living document. Cyber criminals are constantly learning and changing their strategies, so security documents must evolve just as quickly. But with constant vigilance, it is possible for organisations to stay one step ahead of their attackers.
The threat of cyber attacks requires a multi-layered approach and strategy. Using a managed services provider, such as Makarov Cyber Security Planning, can considerably ease the setting up, implementing, and maintaining the resources to keep your business safe and up-and-running.
Have a question? We’re here to help.
You can reach us through our contact form, by email, or by phone. We will get back to you within 1 business day.