Developing Cyber-Security Best PracticesBy Samuel Greengard | Posted 2017-03-21 Email Print
A focus on improving enterprise cyber-security is essential, and constructing a robust cyber-security framework with best practices is an ongoing challenge.
On the other hand, blunt force attacks are a very real threat for companies large and small. Over the last few years, ransomware attacks have become commonplace. "Attackers are breaking into systems to steal information or lock down systems so that they can extort money," Malone points out.
Oftentimes, these thieves aren't particularly interested in selling the information on the open market because it may not have a lot of value there or they don't want to spend the time or take the risk. "But for the company whose data is compromised, it can have significant value or represent a regulatory or other risk," he adds.
Deploying Enterprise Cyber-Security Best Practices
Building a sustainable cyber-security framework is paramount. Establishing a set of cyber-security best practices is essential.
PwC's O'Hara says that a starting point is to ensure that the executive suite is informed and involved at every step. Without buy-in and funding most enterprise cyber-security initiatives underperform.
Equally important: It's vital to recognize that cyber-security is no longer the exclusive domain of the CIO, CSO, CISO and other executives. It's a task that must be addressed at all levels of the enterprise. Today, every department and initiative—from human resources to finance, and from app development to mobility and analytics—touches security in a deep way. "Cyber-security must be a primary concern and focus for every system and initiative," Accenture Security's Richards says.
O'Hara says that organizations should focus on issues such as authentication, encryption, application security and malware detection, but also on broader attack patterns and a more sophisticated cyber-security framework. This may lead an enterprise down new and different paths, including the use of artificial intelligence (AI) or deep learning and analytics.
Emerging systems can spot anomalies and unusual patterns as packets cross the network or as employees log in from an unusual IP address or at an odd time. This may my result in temporarily shutting off access to a system, re-authenticating a request or doing additional analyses of packets.
Finally, it's wise to consider intelligence sharing services and to invest heavily in employee education and training. Many attacks—and many of the most devastating breaches—occur because an employee falls prey to a social engineering scheme. With a defense-in-depth approach, a negative outcome is far less likely.
For example, a multi-layered security approach may include training employees to spot a phishing attempt; security software that spots fake links through a blacklist; a procedure for authorizing and approving money transfers and other requests; and a robust backup and recovery system that neuters a ransomware attack.
In the end, a best practice cyber-security framework revolves around four distinct and critical skill sets, according to a PwC report, "The Global State of Information Security Survey 2017." These include:
Ingesting and surfacing meaningful, validated intelligence in real time
Assessing the organizational impact of that intelligence
Identifying actions to mitigate threats
Taking prompt technical, legal and operational action when an attack or breach occurs.
"It is an extremely challenging environment," PwC's O'Hara says. "But the right strategic framework with the right technologies, processes and culture can greatly reduce risks."