Attackers are constantly finding new ways to obtain sensitive data and access to critical systems, so it's imperative to be prepared to protect against, detect, respond to, and recover from cyber hacks.
The growth of remote working and the rapid shift to cloud have only exacerbated the problem, making the attack surface larger than ever. To have the best chance of protecting your sensitive data and systems, you need to work through how you effectively prepare for and react to these threats.
Best practice tips
Here's our list of best practice tips from experts in our Security Advisory Services.
1. Identify
- Start by confirming organisational security roles and responsibilities are up-to-date.
- Check that equipment inventories are maintained and ownership details are correct.
- Review your existing security risk assessments and decide if these are satisfactory to deal with possible new attacks.
- Consider the security of web and cloud-based applications internally and across your supply chain.
2. Protect
- Develop and apply appropriate safeguards to ensure the delivery of critical services.
- Ensure all staff security training is up-to-date and that users cannot access IT systems when access is no longer needed.
- Confirm that suppliers are fulfilling their contractual security obligations.
3. Detect
- Make sure you have sufficient physical security measures in place to detect compromises of infrastructure.
- Check that you have the correct network security controls in place; consider access control, identification, authorisation, and authentication.
- Operationally, ensure both patching and antivirus software are up-to-date and are feeding incidents to a monitored platform.
4. Plan
- Test your incident management procedures and business continuity plans to make sure they are current and have been reviewed recently.
- Check that you have communication plans in place with stakeholders, government agencies, and external stakeholders where necessary.
- Deploy mitigation procedures to limit the effect and disruption of cyber security incidents.
5. Define
- Make sure backups are recorded and tested to give your organisation the best chance of a quick return to operations.
- Maintain plans for resilience and to restore any capabilities or services that were impaired due to a cyber security incident.