Page 46 - Cyber Defense eMagazine - November 2017
P. 46

Taking Steps Toward Becoming Proactive

               It’s clear that the threats modern businesses face are very real. But what can they do in order to
               mitigate their risks?

               It all starts with a mental shift where there’s a genuine commitment to enhancing cyber security.
               This  is  integral  to  creating  a  security-minded  culture  and  lays  the  groundwork  for  a  real
               transformation to begin.

               Our philosophy is based upon cyber security by design rather than chance. As cyber criminals
               continue to become more sophisticated and advanced with their attacks, it requires diligence
               and perseverance to stay ahead.

               You need a comprehensive plan that covers all of the core areas and enables you to get your
               cyber security to where it needs to be. This involves a five-step process:

                  1.  Define
                  2.  Plan
                  3.  Execute
                  4.  Report
                  5.  Monitor
               Defining  involves  examining  where  your  company  is  currently  at  in  terms  of  cyber  attack
               prevention and determining where you need to be and what your target profile looks like.
               Planning is where you develop and implement a plan that will ultimately enable you to attain
               your cyber security target profile. It’s where you must devise realistic and actionable steps to
               take.
               Execution revolves around implementation of the plan that’s based on a specific timeline, while
               taking resources and budget into account.
               These first three steps are what allow you to initially ramp up your cyber security. They help
               catalyse the transformation and get security to where it needs to be.
               At that point, reporting and monitoring are what allow you to assess and track the results and
               continually fine-tune your security practices. This provides consistent protection even as threats
               evolve and advance over time.

               Performing Penetration Testing

               One of the most effective ways to protect your data assets is to identify potential vulnerabilities
               before attackers have the chance to. Penetration testing is a means of accomplishing this and
               involves a comprehensive assessment of your web app, mobile app, network and so on.

               By  pinpointing  weaknesses,  you  can  come  up  with  viable  solutions  to  drastically  reduce  the
               attack surface. In turn, you can ensure that your company remains ahead of cyber attackers,
               which will give you greater peace of mind.
               Developing a Business Continuity Plan


               A business continuity plan is based upon devising a strategy and creating a plan of action in the
               event  of  a  disaster.  If  your  enterprise  is  in  fact  hit  with  a  serious  attack,  you  will  have  a
               sequence of steps in place to minimise the damage and get operations back to normal in the
               shortest amount of time possible.



                   46    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.
   41   42   43   44   45   46   47   48   49   50   51