Combat the rise of online assaults with these five steps to keep hackers out of your confidential data.
While no organisation can ever be completely safe from hackers there are steps you can take to minimise the risks.
To keep ahead of hacktivits, BAE Systems Detica Managing Director Asia Pacific and Middle East, Richard Watson says it is “imperative” for companies to design and deploy cyber security capabilities that tackle the risks but let the business operate with confidentiality.
“Organisations should think about protecting information at the business process level and use technology as part of an overall capability, rather than hoping it will drive an improvement by itself,” he said. “Security should be an integral part of a company's risk management processes as a breach can entail a huge risk and damage to a company's bottom line, brand and reputation.”
Watson recommends companies should consider five steps to protect their business and supply chain: prepare, protect, monitor and respond and the human factor. The human factor is one of upmost importance said Watson.
“Without the human element, technological controls are useless. Creating a culture of security is imperative. Companies must also always consider their suppliers’ security measures to ensure they align with their own.”
Here are BAE Systems Detica 5 five steps to minimising cyber-attack risks.
- Prepare
Make sure you understand your “trophy information” (information that is highly desirable to hackers and corporate thieves), cyber risk, compliance environment and internal cyber capability. These are the first things to assess in any cyber security plan. Based on this knowledge, you can develop strategies and tactics that will help address cyber risks based on priorities. It will also pinpoint whether you need to develop your workforce to become more cyber aware and what additional skillsets might be required. Publish your business rules for cyber security and create awareness of these among your employees and those of your supply chain.
- Monitor
Businesses should continually monitor systems and networks for signs of malicious activity, but also keep track of changing business requirements, emerging trends and the external environment they operate in. Make sure you measure the effectiveness of cyber security (technical and non-technical capabilities) as this will help you stay on track.
- Protect
It’s imperative to design and deploy cyber security solutions that will address risks and enable the business to operate with confidentiality and integrity. However, these solutions need to be carefully developed so they don’t cripple your systems by being too secure. Apply sound engineering processes to the selection, development and deployment of cyber capabilities so that they integrate well with your business operations.
- Respond
Having response plans in place sounds like a given, but this is often overlooked by businesses. Understand your capability to contain and recover from cyber incidents and make sure you learn from previous ones and that the appropriate feedback is given in order to prepare processes.
- The human factor
Companies place a lot of importance on technology when it comes to cyber security but it’s important not to overlook the human factor. Do employees understand the sensitivity of the data they have access to and the implications if there is a security breach? Getting employees to care about security and understand that they have an important role to play in keeping the organisation’s cyber security risk to a minimum is key.