How to build a cyber-security strategy?

With rampant change in technology, the way organizations work and communicate today has changed. They are finding it difficult to cope with these changes, and this has created greater scope for risk. Coupled with this is the proliferation of the internet, the Internet of Things, cloud computing, mobile technology, etc.: organizations are creating assets on shared networks as well as providing third-party access to digital assets. Their networks, too, are increasingly unstructured, decentralized and dispersed. The risks and threats to cyber security are vexing and extremely challenging for organizations.

Traditional cyber security measures had their foundation in centralized, controlled and managed-device networks. Today, these sorts of networks or controls are close to extinct. So, Chief Information Security Officers (CISOs) must reconsider and adapt their cyber security measures to the changing environment. It is in the best interest of CISOs and others involved in IT security to upgrade their knowledge, skills, tools and practices through a cyber security course.

A sound and effective cyber security strategy should not be myopic or merely incorporate changes as and when they arise; it should be comprehensive, integrated and future-proof.

How to build such a strategy?

Clear objectives and vision: The most important step in building a sound and effective cyber security strategy is clarity in the objectives and vision of the strategy. This makes it possible to prioritize the needs and threats to cyber security that require more or less attention and to strategize accordingly.

Cyber security Risk, Threats and Gaps Assessment: The organization must be cognizant of the magnitude, nature and types of risks and threats facing it. An assessment of these risks, threats and gaps in the current cyber security program will help the organization understand its areas of vulnerability and strategize and adapt better. This will also help define the risk appetite of the organization and identify critical areas for investment in security.

Assess current infrastructure and security capabilities: The organization needs to assess and understand its current infrastructure and security capabilities. Some of the traditional methods, such as firewalls, intrusion prevention systems (IPS), two-factor authentication, etc., are still relevant and can still be used if applied in the correct context.

Break Technical Silos and Integrate Teams: Technical silos arise when different experts work in groups in a vacuum and these groups do not interact with each other, or even compete against each other at times, losing focus on common goals and objectives. This creates gaps and fault lines within the organization which put cyber security at high risk, since hackers consciously look for such gaps to breach networks. Therefore, such a silo mentality must be broken within the organization, and teams must understand that intrusions and breaches are possible at any layer of the infrastructure. They must be integrated to work together on cyber security through an end-to-end approach.

Use Automation for routine aspects: Automation should be used for certain routine aspects of cyber security, like day-to-day security and compliance checks, reducing the time and energy employees spend on such activities and also enhancing routine security. This will free up the cyber security team to focus on areas of greater risk and vulnerability.

Micro-segmentation: Using this cyber security technique, security programs and policies can be integrated and applied in depth across a data system or network, right up to the workload layers. Each layer can be isolated, and so can intrusions, if any.

Monitoring for insider threats: While external intrusions and breaches can be handled through a selection of processes, there is still a danger of internal threats from within the organization. To prevent such insider threats, an effective monitoring system should be included in the cyber security strategy.

Proactive testing: Testing exercises should be conducted regularly to challenge the organization’s cyber security program. Penetration tests, threat modeling exercises, etc. can be used for this purpose. Such proactive testing can help the organization identify gaps that still exist, discover residual and unaddressed attack vectors and, accordingly, take remedial measures.

Establish Feedback Channels: Establishing feedback channels will help find red flags in the strategy and remediate them as and when they crop up.

Prepare for contingencies and breaches: Despite all the measures put in place, organizations are still vulnerable to certain threats. It is important that they understand and accept this fact. Keeping this in mind, the strategy should provide for contingency measures and for successfully facing breaches.

Proactive Mindset and Awareness Building: All teams should have a proactive mindset towards cyber security and must be aware of all the measures in place. Regular training and support to teams will help in this.

If you are a security professional or an IT Engineer, you must be up-to-date on cyber laws, best practices and happenings in the field to give yourself a competitive edge and be an asset to your organization. To do so and to prevent cyber-attacks as well as prepare for possible breaches, you should enroll yourself in a cyber security course.

Sakshi :