Espion Adds its Expertise to Ten Steps to Cyber Security

1. Information risk management regime

Establish an effective Information Governance structure and determine your risk appetite – just like you would for any other risk. Maintain the board’s engagement with cyber risks. Produce supporting information risk management policies.

Espion says: “It is vital to identify your critical and supporting assets and the associated threats in order to design, evaluate and maintain mitigating controls that can help protect those assets and manage Cyber Security risks.”

2. Home & Mobile Working

Develop a mobile working policy & train staff to adhere to it. Apply the secure baseline build to all devices. Protect data both in transit & at rest.

Espion says: “Bring your own device (BYOD) policies are becoming commonplace in larger organisations. SMEs need to ensure they too have policies in place which are specific, detailed, relevant and up-to-date to help staff maintain a strong security posture regardless of where they are working from.”

3. User Education & Awareness

Produce user security policies covering acceptable & secure use of the organisation’s systems. Establish a staff training programme. Maintain user awareness of the cyber risks.

Espion says: “Many information security people think simply warning users about fake links, malicious attachments, enticing offers and time-bound requests is enough to change behaviour. Unfortunately, organisations are learning the hard way that awareness rarely equals change. Engage in meaningful cyber security training which resonates throughout the organisation.”

4. Incident Management

Establish an incident response & disaster recovery capability. Produce & test incident management plans. Provide specialist training to the incident management team. Report criminal incidents to law enforcement.

Espion says: “Third-party managed security monitoring services can also allow SMEs to monitor their systems without maintaining their own internal specialist response team.”

5. Managing User Privileges

Establish account management processes & limit the number of privileged accounts. Limit user privileges & monitor user activity. Control access to activity and audit logs.

Espion says: “Regular IT audits can help SMEs ensure they have well designed controls that are operating effectively – helping maintain the principle of least privilege.”

6. Removable Media Controls

Produce a policy to control all access to removable media. Limit media types & use. Scan all media for malware before importing onto corporate systems.

Espion says: “Malicious USB drives are being left outside target organisations as a way of enticing unaware staff to introduce their payloads into the target network. It is important to control portable media use inside your network.”

7. Monitoring

Establish a monitoring strategy & produce supporting policies. Continuously monitor all ICT systems & networks. Analyse logs for unusual activity that could indicate an attack.

Espion says: “Consider monitoring your systems either in-house or via a specialised third party. IT staff can utilise open-source and enterprise solutions that make log analysis less painful for IT staff.”

8. Secure Configuration

Apply security patches & ensure that the secure configuration of all ICT systems is maintained. Create a system inventory & define a baseline build for all ICT devices.

Espion says: “Attacks ranging from spear-phishing to SQL Injection fundamentally rely on poor patch management and insecure configuration. Regular security assessments can ensure you keep your systems up-to-date. Always be vigilant for malicious attachments, links and phone calls that may be trying to deceive you.”

9. Malware Protection

Produce relevant policy & establish anti-malware defences that are applicable & relevant to all business areas. Scan for malware across the organisation.

Espion says: “Ensure malware solutions are maintained in line with specific policies and procedures and that anti-virus solutions are always up-to-date.”

10. Network Security

Protect your networks against external and internal attack. Manage the network perimeter. Filter out unauthorised access & malicious content. Monitor & test security controls.

Espion says: “It is vital to consider what role your company plays in the overall supply chain. Could a compromise of your network mean a compromise for a client – such as a large multinational that could be a target for cybercrime? Ensure your threat level is identified and that appropriate network security controls are in place and regularly evaluated by security specialists.”