Most businesses have had to radically change their IT strategies over the last two years. Working from home and remote access to systems and data have changed the online security environment and required a new approach to securing their intellectual property and data.
Some organisations have tweaked their existing strategy, others have started from scratch with a look at their overall online security needs.
To look at the background, and why online security has become such a key element of an overall IT strategy, the FBI has stated that cyber-attacks on organisations have increased exponentially over the last few years. Ransomware has become one of the major cyber threats.
Cybersecurity Strategy
It is a high-level plan or series of plans for securing assets and reducing the risk of a successful attack. This is not a one-off exercise but is a regularly updated document as threats and new attack vectors emerge.
A holistic strategy means moving from a reactive to a proactive approach, one which actively seeks out vulnerabilities and threats in your cybersecurity environment.
Five potential approaches are set out below, but it is more than likely that a full cybersecurity strategy will incorporate elements from all.
Be Proactive
Having a proactive approach to cybersecurity allows an organisation to predict risk and prevent attacks, rather than sweeping up afterwards. With the current rate at which new risks emerge, it is not an easy task, but one well worth doing.
The IT security team will need to keep up to date with all the trends in cyber threats and make sure that all existing preventative measures can cope, and if not, what needs to be done to counter new threats. They will also continually test the cybersecurity defences to detect any points of vulnerability.
As new threats emerge, the counter-strategy needs to be updated, as will any other affected elements, such as a Business Continuity Plan.
Educate your Users
To quote the FBI again, their view is that most malware attacks are initiated between the keyboard and the back of the chair. In other words, user errors, accidental or deliberate, cause most problems.
A proactive cybersecurity strategy must therefore include a comprehensive education programme aimed at making sure that users know what a potential malware attack looks like, what to do and, importantly, what not to do, and who to alert.
Again, this is not a one-off exercise and needs frequent reinforcement. Particular attention needs to be given to new hires as part of their induction programme. One aspect that is often overlooked is the removal of former employees’ access privileges before they leave.
Diversify
Don’t put all your eggs in one basket. Think of more than one solution. In addition to an overall vision, you will have a strategy and roadmap to implementation. Different threats need different measures. For example, a DDoS attack may require the use of a specialist upstream scrubber to remove malicious packets before they reach you.
Take a Risk-Based Approach
This strategy involves using a risk-based approach. Cyber threats have become more complex, more aggressive and more frequent. Keep in mind that this risk assessment will include other elements, not just cyber security. New threats around IoT, SCADA and other disciplines need to be catered for. There are several templates available to help with the process, for example, the NIST Cybersecurity Framework. There is also ISO 27001. Both will provide a solid basis for the development of a Cybersecurity strategy.
Keep your Business Continuity Plan up to date
Plan for the worst. Once again, the FBI say that the only successfully protected IT environment is one that hasn’t been hacked yet. This involves merging cybersecurity into Business Continuity planning, setting out how the organisation would weather a minor or serious loss of IT services following a successful attack.
Cybersecurity lies heavy on the mind of most IT Leaders. Keeping up with the rapid rate of change, both in the type and attack methods of new threats is almost a full-time job in itself. The business risks of a prolonged outage or data theft could bring a business to an end.
Having a solid cybersecurity strategy is a must in today’s IT environment.