DEFINITION OF CYBERSECURITY: Cybersecurity is the ongoing application of best practices intended to ensure and preserve confidentiality, integrity, and availability of digital information as well as the safety of people and environments.
To keep up with our changing world and leading on from T4A’s last editorial instalment, we will now look at the next Pillar that may assist you with the IT operations of maintaining a successful business, as well as strategy planning for your future.
T4A practices the five pillars with every one of our clients to ensure that we deliver solutions that fit your business's needs.
In what can only be described as a turbulent global environment, we are going to offer some advice on how to not only survive it – but thrive in it!
Let’s now turn to the major topic of cyber security. The threat has always been there, but you will have noticed the growing number of cases being reported as weaknesses in technology are exposed all across the world.
To start with, you’ll need to consider the following points to ensure your business is properly protected:
- You need support from everyone in the business, from top to bottom, to ensure your approach is actually adopted.
- Businesses with high cyber-resilience all consider support and oversight from management as the most important factor.
- When it comes to cyber-attacks, it’s not a matter of if, but when.
- Cyber security is everyone’s business. All staff should know safe online practices.
- Although you can find countless approaches promoting many useful actions, there is no single fix for cyber security.
- Aiming to implement many actions, even if only to a small degree, is the best long-term approach to maximise protection with limited resources. Consider the full range of actions, rather than selecting a few.
An IT security framework is a set of guidelines, or a kind of template, that can be applied to your business and its cyber security protocols to protect your security perimeter and minimise your risk of attack. The two most common frameworks in Australia are the Essential Eight (from the Australian Cyber Security Centre) and the framework from the National Institute of Standards and Technology (NIST), the US agency for industry standardisation and measurement.
CPA Australia has built their IT security framework around securing your information and system management, in order to protect client’s sensitive information. This framework is based on the Essential Eight from the Australian Cyber Security Centre.
Most of the listed IT security frameworks focus on a risk-management approach, meaning these guidelines are easily adapted to match your needs, and applicable to your business to target the specific risks that threaten your IT Security.
As the Australian Cyber Security Centre (ACSC) warns, business owners and managers must weigh investment in cybersecurity against other business needs and consider the overall level of cyber risk, the business’s exposure to such risks, and the potential whole-of-business cost that could be incurred if a serious cyber incident were to occur on the network.
A layered approach to security is required, and if we follow “The Essential Eight” from the Australian Signals Directorate we are moving in the right direction. However, even this is not enough, and the ASD itself refers to “The Essential Eight” as a baseline.
According to the Australian Signals Directorate:
“While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems. Furthermore, implementing the Essential Eight proactively can be more cost-effective in terms of time, money and effort than having to respond to a successful large-scale cyber security incident”.
The ASD Essential Eight consists of:
- Mitigation strategies to prevent malware delivery and execution
  - Application whitelisting of approved/trusted programs to prevent execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers.
  - Patch applications e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
  - Configure Microsoft Office macro settings to block macros from the Internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
  - User application hardening. Configure web browsers to block Flash (ideally uninstall it), ads and Java on the Internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
- Mitigation strategies to limit the extent of cyber security incidents
  - Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
  - Patch operating systems. Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don’t use unsupported versions.
  - Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high availability) data repository.
- Mitigation strategies to recover data and system availability
  - Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
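The Essential Eight items above carry concrete thresholds (extreme-risk patches within 48 hours, MFA on every remote access path, no privileged accounts for email or browsing, daily disconnected backups kept three months and restore-tested yearly). The following added example, which is not from the article or the ASD, turns those thresholds into a small self-assessment script run over a constructed, hypothetical inventory so the gaps against the baseline are listed rather than guessed at.

```python
from datetime import datetime, timedelta

# Constructed sample inventory: hypothetical hosts, services and accounts, not real systems.
NOW = datetime(2024, 3, 10, 9, 0)
INVENTORY = {
    "vulns": [  # (host, severity, first seen)
        ("fileserver01", "extreme", NOW - timedelta(hours=60)),
        ("laptop-07", "extreme", NOW - timedelta(hours=12)),
        ("laptop-07", "moderate", NOW - timedelta(days=20)),
    ],
    "remote_access": [("VPN", True), ("RDP", False), ("SSH", True)],  # (service, MFA on?)
    "privileged_accounts": [("domainadmin-jo", True), ("svc-backup", False)],  # (account, used for email/web?)
    "backups": {"last_backup": NOW - timedelta(days=3), "retention_days": 60,
                "offline_copy": True, "last_restore_test": NOW - timedelta(days=400)},
}

def patch_findings(vulns, now):
    """Extreme-risk vulnerabilities must be patched or mitigated within 48 hours."""
    return [f"{host}: extreme-risk vulnerability open {int((now - seen).total_seconds() // 3600)}h (>48h)"
            for host, sev, seen in vulns if sev == "extreme" and now - seen > timedelta(hours=48)]

def mfa_findings(services):
    """VPN, RDP, SSH and other remote access must require multi-factor authentication."""
    return [f"{svc}: remote access without multi-factor authentication" for svc, mfa in services if not mfa]

def privilege_findings(accounts):
    """Privileged accounts must not be used for reading email or web browsing."""
    return [f"{acct}: privileged account used for email/web browsing" for acct, used in accounts if used]

def backup_findings(b, now):
    """Daily disconnected backups, retained three months, restoration tested at least annually."""
    out = []
    if now - b["last_backup"] > timedelta(days=1):
        out.append("backups: last backup is older than one day")
    if b["retention_days"] < 90:
        out.append(f"backups: retention of {b['retention_days']} days is under three months")
    if not b["offline_copy"]:
        out.append("backups: no disconnected (offline) copy")
    if now - b["last_restore_test"] > timedelta(days=365):
        out.append("backups: restoration not tested within the last year")
    return out

def assess(inv, now=NOW):
    """Return every gap against the Essential Eight baseline found in the inventory."""
    return (patch_findings(inv["vulns"], now) + mfa_findings(inv["remote_access"])
            + privilege_findings(inv["privileged_accounts"]) + backup_findings(inv["backups"], now))

if __name__ == "__main__":
    for finding in assess(INVENTORY):
        print(finding)
```

In practice the inventory would be fed from your vulnerability scanner, identity provider and backup tool; the checks themselves do not change.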
So, are you ready to protect your business properly from cyber threats? We will assist you with taking firm ownership of your data by implementing the highest protection measures available. Don’t fall victim to this ongoing threat when we have all the answers available here for you, ready to go!