Get Aligned!

You can download this infographic from the National Cyber Security Centre on the link below.

How can organisations protect themselves in cyberspace?

An effective approach to cyber security starts with establishing an effective organisational risk management regime (shown at the centre of the above diagram). This regime and the 9 steps that surround it are described below.

https://www.ncsc.gov.uk/content/files/protected_files/guidance_files/NCSC%2010%20Steps%20To%20Cyber%20Security%20NCSC.pd

1. Risk Management Regime

Embed an appropriate risk management regime across the organisation. This should be supported by an empowered governance structure, which is actively supported by the board and senior managers. Clearly communicate your approach to risk management with the development of applicable policies and practices. These should aim to ensure that all employees, contractors and suppliers are aware of the approach, how decisions are made, and any applicable risk boundaries.

2. Secure configuration

Having an approach to identify baseline technology builds and processes for ensuring configuration management can greatly improve the security of systems. You should develop a strategy to remove or disable unnecessary functionality from systems, and to quickly fix known vulnerabilities, usually via patching. Failure to do so is likely to result in increased risk of compromise of systems and information.

3. Network security

The connections from your networks to the Internet, and other partner networks, expose your systems and technologies to attack. By creating and implementing some simple policies and appropriate architectural and technical responses, you can reduce the chances of these attacks succeeding (or causing harm to your organisation). Your organisation’s networks almost certainly span many sites and the use of mobile or remote working, and cloud services, makes defining a fixed network boundary difficult. Rather than focusing purely on physical connections, think about where your data is stored and processed, and where an attacker would have the opportunity to interfere with it.

4. Managing user privileges

If users are provided with unnecessary system privileges or data access rights, then the impact of misuse or compromise of that users account will be more severe than it need be. All users should be provided with a reasonable (but minimal) level of system privileges and rights needed for their role. The granting of highly elevated system privileges should be carefully controlled and managed. This principle is sometimes referred to as ‘least privilege’.

5. User education and awareness

Users have a critical role to play in their organisation’s security and so it’s important that security rules and the technology provided enable users to do their job as well as help keep the organisation secure. This can be supported by a systematic delivery of awareness programmes and training that deliver security expertise as well as helping to establish a security-conscious culture.

6. Incident management

All organisations will experience security incidents at some point. Investment in establishing effective incident management policies and processes will help to improve resilience, support business continuity, improve customer and stakeholder confidence and potentially reduce any impact. You should identify recognised sources (internal or external) of specialist incident management expertise.

7. Malware prevention

Malicious software, or malware is an umbrella term to cover any code or content that could have a malicious, undesirable impact on systems. Any exchange of information carries with it a degree of risk that malware might be exchanged, which could seriously impact your systems and services. The risk may be reduced by developing and implementing appropriate anti-malware policies as part of an overall ‘defence in depth’ approach.

8. Monitoring

System monitoring provides a capability that aims to detect actual or attempted attacks on systems and business services. Good monitoring is essential in order to effectively respond to attacks. In addition, monitoring allows you to ensure that systems are being used appropriately in accordance with organisational policies. Monitoring is often a key capability needed to comply with legal or regulatory requirements.

9. Removable media controls

Removable media provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data. You should be clear about the business need to use removable media and apply appropriate security controls to its use

10. Home and mobile working

Mobile working and remote system access offers great benefits, but exposes new risks that need to be managed. You should establish risk based policies and procedures that support mobile working or remote access to systems that are applicable to users, as well as service providers. Train users on the secure use of their mobile devices in the environments they are likely to be working in.

The 10 steps guidance is complemented by the paper Common Cyber Attacks: Reducing The Impact. This paper sets out what a common cyber attack looks like and how attackers typically undertake them. We believe that understanding the cyber environment and adopting an approach aligned with the 10 Steps is an effective means to help protect your organisation from attacks.

Back to List

Related Stories

Three Key Components of a Cyber Resiliency Framework

Three Key Components of a Cyber Resiliency Framewo…

Extortionists know that the availability of backups often determines whether they can collect on their ransom demands. Those without suffici…

Read Post

Moving Beyond the Perimeter

Moving Beyond the Perimeter

In this white paper, you’ll find – An overview of the new enterprise architecture, Detailed descriptions of new risks, How to protect agai…

Read Post

The headlines are clear - cyber attacks are imminent

The headlines are clear – cyber attacks are immine…

The UK’s National Cyber Security Centre (NCSC), the FBI, and the US Department of Homeland Security have issued a joint alert warning of a g…

Read Post

Paradigm Shifts - What to expect in 2018

Paradigm Shifts – What to expect in 2018

Skills and resources – these are the two elements that make up an attacker’s arsenal. An attacker, however, cannot set out to break security…

Read Post

The new breed of ransomware that's changing all the rules

The new breed of ransomware that’s changing all th…

The recent spread of WannaCry and NotPetya are rewriting the rules of ransomware, and it’s turning into something far more sinister. If thes…

Read Post

Ransomware: How you can help prevent an infection

Ransomware: How you can help prevent an infection

Ransomware: the word on everyone’s lips right now. If you haven’t been hit, you no doubt will be on-edge until the perceived threat disappea…

Read Post

London Property Forecast 2017

London Property Forecast 2017

While London has weathered an uncertain economy surprisingly well and looks set to remain stable in the upcoming year, occupancy rates are e…

Read Post

Ransomware Defence for Dummies

Ransomware Defence for Dummies

The rise of ransomware over the past few years is an ever-growing problem that has quickly become an extremely lucrative criminal enterprise…

Read Post

GDPR: 12 Steps to Take Now

GDPR: 12 Steps to Take Now

GDPR is only one year away, and the clock is ticking to make sure your business is compliant. While there are many similarities between the …

Read Post

IT Security: Are you being negligent?

IT Security: Are you being negligent?

Almost every day there is a data breach in the news. Companies like Yahoo, Linkedin, Adobe, JP MorganChase, and even a US voter database wit…

Read Post