23 March 2017
Blogs by author: Deborah Moir, Cyber Security Consultant, BT.
Securing your network against cyber crime is a bit like trying to keep water out of a leaky boat. Here’s the process you need, if you want to stay afloat.
A dangerous situation.
Imagine you’re at sea and the weather’s bad. You and a small crew are piloting a large wooden ship, and leaks have sprung throughout. The problem is, your crew isn’t large enough to simultaneously find out where the water’s getting in, fix the leaks, and predict where new holes might appear.
That’s fundamentally the situation that many organisations — such as yours — find themselves in, in today’s cyber–crime filled world. Small security teams struggle to keep out the sea of ever-evolving cyber threats surrounding their networks and trying to break in.
These dangers could come in the form of:
◾denial of service attacks (which make up 55 per cent of cyber-crime costs)
◾insider threats (34 per cent of security incidents can be sourced back to current employees)
◾phishing attacks, spear phishing attacks, zero-day threats… the list goes on.
What you need is a way to get a holistic view of your network — one which tells you where the risks are, and how to mitigate them. You need to look at your entire security landscape, because that’s what underpins your efforts to understand and protect your data, and comply with various legal, regulatory or industry requirements.
Without a successful security strategy (and supporting solutions) in place, you could suffer the financial, regulatory and reputational consequences that follow a serious data-security breach.
Keeping your network shipshape.
One solution to these challenges is a Cyber Maturity Assessment (CMA).
A CMA provides you with an in-depth review, from a business and infrastructure perspective, of where you stand — and lets you know whether you’re able to cope with cyber threats. It’ll evaluate your technical ability to stay secure, taking into account your business processes and people. This means you can identify areas of vulnerability and prioritise them, so you can start improving at once.
The analysis includes:
◾Using industry best practice.
◾Evaluating technical controls and supporting processes.
◾Focusing on key business risks.
◾Understanding critical data flows and support.
◾Prioritising for quick wins.
Taking it back to my earlier analogy, a CMA is the overview of your ship that you need. It’ll tell you where your crew should focus, so that they can plug the gaps and keep your vessel afloat.
Put simply, if the threat of cyber crime gives you a sinking feeling, then a CMA is certainly worth looking into.
You can find out more about CMAs, and our experience in security consulting, by visiting our dedicated webpage.