Monitoring your business, every step of the way.
Monitoring your business
Being able to detect a cyber attack is half the job. Responding to it effectively, and being able to fend off any future attacks, forms the other half. But, in essence, your business’ cyber security monitoring programmes must be proactive, rather than reactive. For that reason, we’ve highlighted our top 6 recommendations for your business, to ensure your (relative) security, and ability to respond:
Understand the threats to your business
Knowing what’s out there, that could potentially harm your business, is the first step towards understanding just how ‘at threat’ your business is. We can assure you, through our experience and wisdom, that the threat of a malicious attempt to gain access to your company’s information or assets is very real. And, through our work, we know that the surprise attacks are, most often, a surprise because they haven’t been planned for. A robust cyber security plan not only identifies potential threats, but plans for them to become active situations, long before they land on your doorstep. Knowing the following aspects of potential threats will help you plan more effectively:
- Who is most likely to attack or attempt to interrupt your business operations?
- Why would they benefit from doing so?
- What would motivate someone or something to attempt to access your business assets and data?
- How would they undertake an attack?
- What steps have you already taken to guard against such an attack?
- How would your business be affected by this level of attack?
- How would your business respond to this level of attack?
- What steps would your business be able to take, immediately and in the future, to recover from such an attack?
- Who are the top ten potential threats, and how can you prioritise defending your business from them?
Assess your protection level
If your business has not yet experienced some level of information loss, data leak, or loss of equipment, we’d be very surprised. In fact, you may be a unicorn, please advise? The theft or loss of equipment can also count as a potential threat, so don’t think for a moment that cyber security is all network protocols and complex IT terms. Knowing what your company does right now to protect its assets and information will help to build a framework for your cyber security plan. Moreover, as your company adopts, implements, maintains, and expands your cyber security plan, you’ll be equipped to change protocols when it’s required, review procedures when requested, or shift policies when needed.
Know when you’re under attack
Before you can respond to a cyber attack, you’ll need to know it’s happening. Monitoring your cyber security is a full-time business focus, and can include almost every aspect of your business. Basic monitoring techniques should include:
- Alerts and notifications for when any level of unauthorised access occurs. Yes, that also means enabling 2-factor authentication on your social media manager’s mobile phone, so that they know if someone’s hacked your Twitter account.
- Knowing who is responsible for responding to those alerts and notifications, and who next needs to be informed.
- What steps should be taken immediately, and in the future, to secure the information or asset under attack.
- Basic logging, remote access, and internal access, systems, must be closely monitored to ensure that no unauthorised access is taking place.
- More complex logging and access controls should be implemented for high level networks and mission-critical systems. Big idea: every system your business uses should be considered mission-critical. If your business treats every platform, programme, and system as mission-critical, you’ll naturally tend to protect access to them in every way.
Know how to respond
Your business’ ability to respond begins with being alerted to a cyber attack, but it does not end there. Establishing incident response policies and procedures is the first step; practicing it the second, and the third being deployment. There’s also, however, a fourth step: revising the incident response policies and procedures. As appropriate, engage with your team and service providers to rehearse specific scenarios, so that everyone knows what to do when. That means that your PR service provider should know what to do, if your social media manager’s mobile phone is stolen, and someone unauthorised starts tweeting from the company account, before access can be revoked.
Don’t be complacent
If your business changes in any way, so too must your cyber security plan. If the landscape or industry your business operates within changes, so too must your cyber security plan. If the laws governing your territories change, so too must your cyber security plan. If a team member responsible for any level of information or asset changes, so too must your cyber security plan.
Challenge, test, and improve
Your incident response policies and procedures are magnificently documented, everyone’s been briefed, and you’re feeling quite confident about your company’s ability to respond to a cyber security incident. But how does it work in the real world? Rehearsing and ensuring your response policies and procedures can be implemented in the real world is important. Don’t let overconfidence lull you into complacency. Get testing!
Establishing solid monitoring tools and techniques that work for your business will help your company respond to varying types of cyber attacks. We’ll help you figure out which ones you need to worry about the most. Contact ProPrivacy for assistance.