CYBERSECURITY ROAD MAP — Lock shop (Part 2)
This week, we will continue our look at how we go about reducing risk and protecting critical assets with our lock shop approach. We will examine the final three areas that aid in limiting the impact of a security event. These are management of protection technologies, security awareness and training, and security maintenance activities.
Most times many organisations, especially smaller ones, feel that they are the lowest on the totem pole for potential cyberattacks. This could not be further from the truth. Many factors need to be contemplated to ensure that total protection of systems and data is achieved. It is important to remember that small companies often have larger clients and will act as the gateway into larger organisations for nefarious actors, who count on security to be less sophisticated in smaller organisations.
Management of protection technologies
It is not simply enough to deploy antivirus, firewalls, and intrusion detection/prevention technologies and assume that all assets will be protected. These technologies must be constantly monitored and managed so that they continue to be highly effective at what they do. Even more important is the need to make sure that a system of monitoring the audit and access logs on these devices is implemented and that logs are regularly monitored with a reasonable retention period.
Security maintenance activities
Security maintenance activities ensure that there are clear policies, schedules, and enforced guidelines for updating and patching all software and hardware across an organisation’s technology assets. This is over and above securing the perimetre described in managing protection technologies. This is now an additional inner layer of security for everything behind that perimetre.
Security awareness and training
Finally, the single-largest threat to the security of any digital organisation is not from external threat actors, but from internal threats — employees. Not even the most sophisticated perimetre defences will prevent an employee with limited security awareness from opening the wrong attachment or document on his device. As such, a continuous training and awareness programme must be put in place for not only employees, but for partners and even customers, so that they will always be able to know how to function safely in a highly dynamic and evolving digital space.
By adopting these approaches, an organisation will make it more difficult for would-be threat actors to gain access to critical infrastructure and, thereby, significantly reduce risk.
Trevor Forrest is founder and CEO of 876 Technology Solutions. Christopher Reckord is CEO of Managed IT services provider tTech Limited. Collectively, they have approximately 80 years of experience helping organisations of varying sizes procure and implement information technology solutions and transform digitally.