Yet another data breach was revealed this week in the national press; this time the MoD, where sensitive military data has been compromised. Our CEO Martin Greenfield commented in the i news stating that “what we see time and again is that the challenge is exasperated by the presence of silos in cyber security monitoring, which can lead to gaps in threat detection and response”.
So, in light of this news and the fact that it is clear that the UK is being very specifically targeted, how can businesses build their data defences and shield against those cyber threats?
What are the next steps in cyber protection that businesses can take?
The number one thing that any business must do is stop looking at cyber security in silos. For too long, cyber security has been viewed through a very narrow lens and in isolation from the components it needs to interact with. This can no longer be the case, and in order to prevent large-scale data breaches, a multi-faceted approach that involves technology, organisational policies and employees is imperative.
How do organisations eliminate the silo working to ensure these steps have maximum effect?
CISOs and cyber security teams really need to unify departments for the greater good of overall cyber security effectiveness. CISOs now have to be the strategic partner and align their goals to overall business objectives. This means they need to talk the business talk to bring people on board and align any cyber security measures to overall business goals.
With that in mind, how do CISOs and cyber security teams foster that unified approach?
A single orchestration layer pulling all disparate technologies together: Technology and systems should be pulled together into a single orchestration layer that will allow for complete continuous monitoring of an organisation’s entire infrastructure. This will result in quicker detection of threats and risks and allow for immediate remediation. Many regulatory frameworks now insist on continual monitoring as a way of remaining compliant, for example, NIST, the new impending DORA and ISO 27001.
Communication is key: Cyber security teams need to remove the jargon and create open dialogue between teams through cross-departmental meetings, email updates or collaboration platforms where teams can share information and discuss cybersecurity issues. This communication needs to be managed from the top down to the operational teams.
Develop a Unified Cybersecurity Strategy: Work together to develop a comprehensive cybersecurity strategy that aligns with the overall business objectives and addresses the specific needs of each department. Bring everyone into the conversation to foster that alliance and accountability in all.
Integrate Security into Business Processes: Embed security into the organisation’s business processes and workflows, ensuring that security considerations are taken into account from the outset of any new project or initiative.
By fostering collaboration and breaking down silos between departments, businesses can create a more cohesive and effective cybersecurity strategy that addresses the evolving threat landscape and protects the organisation from cyber threats.
General business: What are the cyber security strategies that all organisations should ensure are implemented?
Check there are strong security measures: Run a check to ensure that you have encryption, firewalls, intrusion detection systems and EDR software to protect your network and data. However, whilst these tools are critical, organisations must ensure that coverage is 100%: that each asset is running the correct version, is configured correctly and, critically, that any vulnerabilities are patched. Without doing this, you will have invested in tools that lack the performance required to secure your business and you will be lulled into a false sense of security.
Do those software updates and patches: It’s imperative you keep all software and systems up to date with the latest security patches so that hackers cannot exploit known vulnerabilities for their benefit.
Strict controls for access and authentication: Multi-factor authentication and strict user access will ensure that only authorised personnel can access any sensitive data.
Review the data you hold: Ensure that you are only holding relevant data that is necessary for operational purposes. This will limit and reduce the potential of any breach.
Secure your data: Use secure protocols for storing and transmitting data, such as encryption, and secure connections (e.g., HTTPS).
Perform regular security audits and risk assessments: This will focus your cyber security teams on the risks your organisation holds and how to address these effectively.
Ensure you have an incident response plan: Review or create a comprehensive incident response plan that defines the steps that the business has to take in the event of a breach, including any legal obligations and communication protocols that have to be adhered to.
Review how you manage your 3rd parties: You need to review how your 3rd parties view cyber security. Place a cyber lens on their practices and extend your due diligence on the suppliers you use beyond cost and convenience to how seriously they take their own cyber security practices. If you have interconnected systems, you can insist they adhere to strict security measures for your own cyber protection.
Data back up and recovery: Robust recovery plans should be in place, as well as regularly backing up any critical data; these are imperative to ensure any business continuity in the event of a breach.
Regulatory Compliance: Stay updated with relevant regulations such as GDPR, HIPAA, or PCI DSS and ensure compliance with data protection laws to avoid legal repercussions and financial penalties.