Five Steps to Defending against and Recovering from a Cyber Attack.

Author:Calder, Alan

Given how commonplace cyber attacks have become on a global basis, the topic of cyber security is moving increasingly up the board agenda, and rightly so. 72% of large businesses in the UK said they had identified at least one cybersecurity breach in 12 months and 40% experienced a breach or attack at least once a month. Clearly, businesses are aware of the prevalence and potential damage that attacks can cause. But how can they be sure that their defence strategy is up to the task?

How long would it take you to identify a security breach within your organisation? Hours? Days? Months? The average is 101 days that's three months that cyber criminals have to exploit the sensitive data that they have acquired due to a flaw in a company's security systems or processes. Simple security measures are clearly not enough. Organisations must be equipped and ready to respond to attacks, control the potential fallout and recover as quickly and easily as possible. Alan Calder, Chief Executive of GRC International pic, parent company of IT Governance, explains that by following five key steps, organisations can deploy a comprehensive cyber resilience strategy.

  1. Identify potential threats:

The first step should be to undertake a thorough risk assessment to highlight any threats that the organisation currently faces to its information assets. Any data that a company values, be that digital assets, offline content and employee knowledge, will also be valuable to a cyber criminal--they all require protection.

There are a number of risks that could impact an organisation and its information assets, from cyber attacks to human error, theft or accidental loss and even natural disasters. This is where penetration testing can help to identify weaknesses in an organisation's infrastructure and networks by highlighting vulnerabilities before cyber attackers are able to exploit them. These risks must then be fully evaluated to determine how significant the threat is how likely is the threat to happen? What could be the resulting impact?

  1. Protect against attack:

    The next step is to deploy tools to prevent the attacks, or at least reduce their likelihood or impact. These should take the form of technical controls, such as firewalls, as well as process controls, including policy changes. Detective controls can also be used to observe the environment to detect risk before it causes harm. This could include CCTV cameras or intrusion detection systems monitoring the...

To continue reading