A cyber vision to cyber success.

by Pedro Tavares, Founder at CSIRT.UBI & seguranca-informatica.pt

Cybersecurity attacks and data breaches have been making headlines recently. Do you think that cybersecurity represents an additional price for organizations?

Financial risks and loss of credibility represent a constant challenge for organizations and can impact a normal business day when a cybersecurity culture is neglected — take a look at the recent cyber threats that are the cause of several compromised resources, such as infrastructures and organizations.

Cybersecurity is a widely used term associated with other cyber words, such as cyberspace, cyber threats, cybercriminals, and other concepts around this subject. Cybersecurity can be seen as a knowledge box, as it contains a set of technologies, processes and good practices that aim to protect the cyberspace, computer networks, programs, information as well as people and infrastructures from cyber attacks and also damage or unauthorized access.

Towards Cybersecurity

Ensuring an immediate response to a cyber threat requires coordination and established procedures widely distributed and known by anyone within the organization. Investment on skilled professionals and technologies that satisfy an organization’s need is a crucial part of the proposed cyber challenge.

The fight against the emergent cyber threats is one of the biggest problems that cybersecurity intends to answer, and that requires more than fully established procedures and technologies. The importance of organizations taking a proactive and preventive approach should be highlighted, including continuous monitoring and real-time assessments as well as the realization of periodic internal audits and even risk-based internal audits (RBIA), where might be defined a risk management strategy focused on the business risks.

We are living in an era where investment in cybersecurity must be part of the organization’s strategy — due to that, it not should be seen as unnecessary. This investment includes training professionals and the implementation of tools capable of analyzing abnormal behaviors.

Even if information technology (IT) is not a principal business sector of an organization, it’s mandatory to protect the personal information of customers and employees, as well as financial and operating information and unauthorized changes that can occur.

Awareness as The First Prevention Measure

Defining an initial action plan may be one of the primary goals for organizations consider themselves ready to avoid and address security incidents. Arguably, the following “GPS coordinates” must be present in the organization’s roadmap.

Set goals and objectives

To achieve the success you need a plan that provides guidelines (i.e., business goals and objectives). Organizations should begin by establishing action plans to respond promptly to security incidents and attacks.

Risk management

Cybersecurity is considered an activity linked to risk management. It’s an activity that helps to identify the risk on an organization’s assets, people, business processes, and critical technologies used in the daily operations of an organization.

 

Identity management

Obtaining the appropriate access to the information and get a sense of how they are used and by whom, is a mandatory rule.

Infrastructure monitoring

Analyze each packet in network traffic and see if it could pose a risk or if the stream is completely secure.

Provide new and continuing security education

Perhaps, one of the most important “recipe ingredients”. A cyber doctrine focused on the employee need to be promoted by organizations periodically as cyber threats are growing every day.

Share your problems

A successful cybersecurity strategy is needed to be built through little steps, for instance, you should explain to your board and CEO how a cyber incident happened and what are doing to mitigate it. Unfortunately, cybersecurity is still “invisible” for many organizations because C-level never sees the real problems — share your problems now! Due to this, it’s important for CIOs, CSOs, and others with security responsibilities to clearly explain cybersecurity technologies, policies, and practices in plain language that the CEO, the board, and other non-technical stakeholders can understand.

Conclusion

Nowadays, cybersecurity teams are faced with increasing and challenging threats that appear from many entry points — from the perimeter to the desktop; and from the mobile to the cloud; and it’s impossible to control all the “open doors”.

Because of the rapid evolution of the threats and constant changes, cybersecurity raises as a new mandatory plan for the success of organizations in this era. In the case of negligence, an organization may be extinguished from the market due to a security incident.

Also, the technology continues to grow and is becoming more sophisticated, and due to that, people will have to learn how to use it securely and in an effective manner.

Despite the reasons discussed above, there are substantial efforts to respond to the continued growth of cyber threats, and they are indeed expected to get worse before they get better.

About the Author

Pedro Tavares is a cybersecurity professional and a founding member and Pentester of CSIRT.UBI and the founder of seguranca-informatica.pt.In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, hacking, cybersecurity, IoT and security in computer networks.  He is also a Freelance Writer