Page 46 - Cyber Defense eMagazine - November 2017
P. 46
Taking Steps Toward Becoming Proactive
It’s clear that the threats modern businesses face are very real. But what can they do in order to
mitigate their risks?
It all starts with a mental shift where there’s a genuine commitment to enhancing cyber security.
This is integral to creating a security-minded culture and lays the groundwork for a real
transformation to begin.
Our philosophy is based upon cyber security by design rather than chance. As cyber criminals
continue to become more sophisticated and advanced with their attacks, it requires diligence
and perseverance to stay ahead.
You need a comprehensive plan that covers all of the core areas and enables you to get your
cyber security to where it needs to be. This involves a five-step process:
1. Define
2. Plan
3. Execute
4. Report
5. Monitor
Defining involves examining where your company is currently at in terms of cyber attack
prevention and determining where you need to be and what your target profile looks like.
Planning is where you develop and implement a plan that will ultimately enable you to attain
your cyber security target profile. It’s where you must devise realistic and actionable steps to
take.
Execution revolves around implementation of the plan that’s based on a specific timeline, while
taking resources and budget into account.
These first three steps are what allow you to initially ramp up your cyber security. They help
catalyse the transformation and get security to where it needs to be.
At that point, reporting and monitoring are what allow you to assess and track the results and
continually fine-tune your security practices. This provides consistent protection even as threats
evolve and advance over time.
Performing Penetration Testing
One of the most effective ways to protect your data assets is to identify potential vulnerabilities
before attackers have the chance to. Penetration testing is a means of accomplishing this and
involves a comprehensive assessment of your web app, mobile app, network and so on.
By pinpointing weaknesses, you can come up with viable solutions to drastically reduce the
attack surface. In turn, you can ensure that your company remains ahead of cyber attackers,
which will give you greater peace of mind.
Developing a Business Continuity Plan
A business continuity plan is based upon devising a strategy and creating a plan of action in the
event of a disaster. If your enterprise is in fact hit with a serious attack, you will have a
sequence of steps in place to minimise the damage and get operations back to normal in the
shortest amount of time possible.
46 Cyber Defense eMagazine – November 2017 Edition
Copyright © 2017, Cyber Defense Magazine, All rights reserved worldwide.