29th April 2021
Protecting your organisation from cyber threats can be a complex task. Cyber security reaches into your organisation at every level, so it becomes a shared responsibility across your whole team rather than a job for the IT department alone.
At Sentrium, we believe that cyber security should be straightforward and provide value where it matters the most. We use widely accepted methodologies to achieve industry best practices and make sure we can support your organisation and provide valuable assurance.
The NCSC’s 10 Steps to Cyber Security is one of the best-practice methodologies we use to help you protect your technology, information and people. We draw on this government guidance to create a framework that helps you understand the most effective ways to protect your organisation and improve your cyber security. The ten steps are summarised below.
Understanding and managing the risks to your technology, systems and information lets you pursue business opportunities with a clear view of what could go wrong. A risk management regime will help you identify, assess and respond to risks that can impact your business.
To achieve this, you should determine your risk appetite: which risks you are willing to tolerate and which are unacceptable. The regime should be owned at board level and driven organisation-wide. This keeps senior management engaged and builds a risk management culture at every other level. You should produce supporting policies for technology and security risks that can be communicated across the organisation. Treat these policies as living documents, reviewed and revised as your systems and the threats to them change, so that they remain effective and up to date.
Unconfigured or misconfigured systems put you at risk of exploitation by malicious actors and unauthorised users. Attackers look for unpatched software and insecure default settings, and use them to gain access, make changes to systems, and reach your resources and data. You should apply security patches promptly and use supported software at all times. Establish a baseline build for each type of system and put together a strategy to remove or disable functionality that is not needed. An inventory of your hardware and software lets you confirm which systems exist, what they run, and whether each one is patched to the baseline.
Remote working has great benefits for your organisation and employees. It also brings risks that should be managed to keep your information secure: credentials can be stolen, devices may be lost, and information can be read by passers-by on screens or printouts.
You should create a mobile and remote working policy that your staff are trained to follow. Apply the baseline build that you established in the secure configuration step to all of your devices, including laptops and phones used away from the office. You should encrypt your data to protect it in transit (for example over a VPN or TLS) and at rest (full-disk encryption on devices that can be lost or stolen).
Every organisation will experience a security incident at some point. Having an effective incident management policy will help to limit the harm an incident causes and get you back to normal operation sooner. It’s recommended that you identify in advance the funding and resources you have available to deliver incident response and disaster recovery, so these are not being worked out during the incident itself.
You should develop and test your incident management policy and processes to make sure they’re effective. Provide specialist training to your incident response team, and remember to log the actions taken during the incident to learn and improve your responses.
When information is transferred online there is the risk that malicious software, or malware, is brought into your environment, for example via email, web browsing, web services, or removable media. Malware can harm your organisation by stealing or destroying sensitive data and by disrupting the systems your business depends on.
You should design and implement anti-malware policies that your employees are trained to follow. Make sure you scan data coming in and out of your network to identify malicious content. You should implement layered malware defences, including firewalls, device protection and antivirus software, so that a failure of one control does not leave you unprotected.
Giving users unnecessary permissions to certain systems and data can lead to misuse and compromise. Based on the principle of least privilege, users should only have access to systems and information needed to fulfil their role and responsibilities.
You should establish effective account management processes and make sure that you limit the number of privileged accounts. Monitor user activity and limit access to system activity logs and other sensitive resources.
Good system monitoring helps you detect attacks on your systems and respond effectively. You can assess how your systems are being used and whether they’re being attacked.
You should establish a monitoring strategy that covers all of your systems, inbound and outbound network traffic, and user activity, including the use of privileged accounts. Analyse the collected activity to identify when something malicious is happening, and align your monitoring with your incident management policy so that an alert leads directly to an effective response.
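As an illustration of what “analyse activity to identify malicious activity” and “monitor user activity” mean in practice, the following is an added example (not Sentrium’s or NCSC’s own code) that runs three simple detections over syslog-style sshd and sudo lines: a burst of failed logins from one source address, a successful login from an address that has just been failing, and sudo use by an account that is not on the assumed allow-list of privileged staff. The log lines are constructed for the example, and the thresholds, time window and allow-list are assumptions you would tune to your own environment.

```python
"""Toy detection pass over sshd/sudo syslog lines (added example).

The sample log below is constructed; the thresholds, window and
PRIVILEGED_USERS allow-list are assumptions, not NCSC guidance.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log in /var/log/auth.log style (year-less timestamps).
SAMPLE_LOG = """\
Apr 29 08:00:01 web01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Apr 29 08:00:03 web01 sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 51024 ssh2
Apr 29 08:00:05 web01 sshd[1205]: Failed password for root from 203.0.113.7 port 51026 ssh2
Apr 29 08:00:07 web01 sshd[1207]: Failed password for root from 203.0.113.7 port 51028 ssh2
Apr 29 08:00:09 web01 sshd[1209]: Failed password for root from 203.0.113.7 port 51030 ssh2
Apr 29 08:00:12 web01 sshd[1211]: Accepted password for root from 203.0.113.7 port 51032 ssh2
Apr 29 08:15:40 web01 sshd[1300]: Accepted publickey for alice from 198.51.100.20 port 40010 ssh2
Apr 29 08:16:02 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Apr 29 09:02:11 web01 sshd[1402]: Accepted publickey for bob from 198.51.100.21 port 40020 ssh2
Apr 29 09:02:30 web01 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/cat /etc/shadow
"""

TS = r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ "
FAILED = re.compile(TS + r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+)")
ACCEPTED = re.compile(TS + r"sshd\[\d+\]: Accepted \S+ for (?P<user>\S+) from (?P<ip>[\d.]+)")
SUDO = re.compile(TS + r"sudo: +(?P<user>\S+) : .*USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.+)$")

BRUTE_FORCE_THRESHOLD = 5          # assumed: failures from one IP within WINDOW
WINDOW = timedelta(minutes=5)      # assumed sliding window
PRIVILEGED_USERS = {"alice"}       # assumed allow-list of staff permitted to use sudo


def parse_ts(text, year=2021):
    """auth.log timestamps carry no year; the year is supplied by the caller."""
    return datetime.strptime(f"{year} {text}", "%Y %b %d %H:%M:%S")


def detect(log_text):
    """Return a list of (alert_name, subject, detail) tuples in log order."""
    alerts = []
    failures = defaultdict(list)   # source ip -> timestamps of recent failed logins
    for line in log_text.splitlines():
        if m := FAILED.match(line):
            ts, ip = parse_ts(m["ts"]), m["ip"]
            # keep only failures inside the sliding window, then add this one
            recent = [t for t in failures[ip] if ts - t <= WINDOW] + [ts]
            failures[ip] = recent
            if len(recent) == BRUTE_FORCE_THRESHOLD:   # fire once per burst
                alerts.append(("brute_force", ip, m["user"]))
        elif m := ACCEPTED.match(line):
            ts, ip, user = parse_ts(m["ts"]), m["ip"], m["user"]
            if any(ts - t <= WINDOW for t in failures[ip]):
                # a success right after a run of failures is the interesting case
                alerts.append(("success_after_failures", ip, user))
            if user == "root":
                alerts.append(("direct_root_login", ip, user))
        elif m := SUDO.match(line):
            if m["user"] not in PRIVILEGED_USERS:
                alerts.append(("unexpected_privilege_use", m["user"], m["cmd"]))
    return alerts


if __name__ == "__main__":
    for name, subject, detail in detect(SAMPLE_LOG):
        print(f"{name:26s} {subject:15s} {detail}")
```

Run against the constructed log this reports the five-failure burst from 203.0.113.7, the root login that follows it from the same address, and bob’s sudo read of /etc/shadow, while alice’s permitted sudo use is silent. In a real deployment the same logic would sit in your SIEM or log pipeline and feed the incident process described in the incident management step, rather than printing to a terminal.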
Your organisation’s network connections to the internet and to partner networks can expose your systems to attack. Malicious actors can use them to exploit your systems, compromise information, or damage resources. Manage your network perimeter using firewalls to monitor traffic and prevent malicious content from entering your network. Secure wireless access and make sure administrative interfaces are only reachable over secure, authenticated channels. Penetration testing can provide assurance that these controls work as intended.
Removable media is a common way for malware to be introduced into systems, where it can damage or expose sensitive data. You should limit the use of removable media in your organisation as much as possible, and make sure it is scanned for malware where it cannot be blocked outright.
Where removable media is permitted, it should be issued by your organisation rather than being the user’s own. Encrypt the data stored on it, and actively manage when and how each device is securely disposed of at the end of its life.
User education and awareness is the overarching security measure that will help to protect your organisation. The cyber security processes and policies that you design and implement should be shared with your team to make sure they’re aware of the risks and how to manage them.
Include these policies and processes in staff training and make sure your team is aware of how to report incidents in a safe and confidential way. Clearly communicate the risks and benefits that security can present to the organisation. The better your staff understand and embrace a positive security culture, the more effective it will be.
At Sentrium, we use this information to help you understand how best to protect your organisation from cyber attacks. Get in touch with us to find out how we can support your organisation’s cyber security requirements.