Cyber resilience: 12 key controls

Cyber Resilience 7th January 2023

Cyber resilience is an approach that brings together business continuity, information and communication systems security, and organisational resilience.

Ultimately, it is your ability to continue to operate should you suffer a cyber event, such as a cyberattack or a natural disaster.

As part of cyber resilience, there are 12 key cyber hygiene controls that you should consider adopting today. These have long been established and considered best practices for many years.

More recently, insurers have been asking organisations to demonstrate compliance with these controls. An inability to do so can affect your ability to obtain or renew insurance, or result in reduced coverage.

The 12 Controls:

Multifactor authentication

  • Additional electronic authentication, combined with your username and password.
  • A passcode, generated by an application or shared via SMS, email or app.
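The "passcode generated by an application" in the list above is usually a time-based one-time password (TOTP, RFC 6238), which is an HMAC over a shared secret and the current 30-second time step. The example below is added here to show how that works; it is not code from the original article or from any particular authenticator product. The secret is the well-known reference value from the RFC test vectors, used only so the output can be checked; the `verify_totp` function and its drift window are this example's own design.

```python
import base64
import hashlib
import hmac
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HMAC-based one-time password for a given counter value."""
    msg = struct.pack(">Q", counter)                       # 8-byte big-endian counter
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                             # dynamic truncation
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, for_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based one-time password: HOTP over the time-step counter."""
    return hotp(secret, for_time // step, digits)


def verify_totp(secret: bytes, submitted: str, now: int, window: int = 1) -> bool:
    """Server-side check (this example's own design): accept the current step and
    +/- `window` neighbouring steps to tolerate clock drift, and compare in
    constant time so a timing side channel does not leak digit matches."""
    counter = now // 30
    for c in range(counter - window, counter + window + 1):
        if hmac.compare_digest(hotp(secret, c), submitted):
            return True
    return False


# Constructed secret: the RFC 6238 reference secret, shown base32-encoded the way
# authenticator apps expect it in a provisioning QR code.
RFC_SECRET = b"12345678901234567890"
RFC_SECRET_B32 = base64.b32encode(RFC_SECRET).decode()

if __name__ == "__main__":
    print("enrol this secret in an authenticator app:", RFC_SECRET_B32)
    print("code for the current 30-second step:", totp(RFC_SECRET, int(time.time())))
```

Because the code is derived from the secret and the clock, anyone who obtains the seed (for example from an unencrypted backup of the authenticator) can generate valid codes, which is why the seed deserves the same protection as a password database.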

Endpoint detection & response (EDR)

  • Endpoints are the entry point for almost all types of malicious attack on your infrastructure.
  • EDR is a solution that continuously monitors, detects and responds to attacks on endpoint devices (e.g., anti-virus software).

Backup & recovery

  • Secure, encrypted backups are stored in a separate and secure location.
  • Backups are tested (monthly) to confirm that a successful recovery can be made from them.

Privileged access management (PAM)

  • An information security mechanism that safeguards and controls identities with special access or capabilities beyond regular users.
  • Runs on the principle of “least privilege” or “zero trust”, ensuring users only have the access they need to do their job.

Logging and monitoring

  • Continuous monitoring allows you to detect a cyber attack in time. Software and applications are used to identify unusual or malicious activity on your network and notify you in real time; some solutions can also take action without human intervention.
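As a concrete illustration of "identify unusual activity and notify you", the example below (added here; not the article's own material or any vendor's product) parses a handful of constructed SSH daemon log lines and raises an alert when one source address accumulates a threshold of failed logins inside a sliding time window, which is the classic password-guessing pattern a monitoring tool is expected to catch. The sample lines, threshold and window are this example's assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH's sshd log format (synthetic, not from a real host).
SAMPLE_LOG = """\
Jan 07 09:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51001 ssh2
Jan 07 09:00:03 host sshd[1202]: Failed password for root from 203.0.113.7 port 51002 ssh2
Jan 07 09:00:04 host sshd[1203]: Failed password for root from 203.0.113.7 port 51003 ssh2
Jan 07 09:00:06 host sshd[1204]: Failed password for root from 203.0.113.7 port 51004 ssh2
Jan 07 09:00:08 host sshd[1205]: Failed password for root from 203.0.113.7 port 51005 ssh2
Jan 07 09:00:09 host sshd[1206]: Accepted publickey for alice from 198.51.100.4 port 40022 ssh2
Jan 07 09:05:00 host sshd[1207]: Failed password for alice from 198.51.100.4 port 40023 ssh2
Jan 07 09:30:00 host sshd[1208]: Failed password for root from 203.0.113.7 port 51006 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \w+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+")


def parse(lines: str, year: int = 2023) -> list:
    """Turn raw log text into (timestamp, result, user, ip) tuples.
    syslog lines carry no year, so one is supplied (assumed 2023 here)."""
    events = []
    for line in lines.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                      # lines we do not model are ignored
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["result"], m["user"], m["ip"]))
    return events


def detect_bruteforce(events: list, threshold: int = 5,
                      window: timedelta = timedelta(minutes=1)) -> list:
    """Alert when `threshold` failed logins from one IP fall inside `window`.
    A per-IP sliding window is kept; it is cleared after alerting so a single
    noisy source does not produce an alert for every further failure."""
    recent = defaultdict(list)
    alerts = []
    for ts, result, user, ip in sorted(events):
        if result != "Failed":
            continue
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.pop(0)
        if len(q) >= threshold:
            alerts.append({"ip": ip, "count": len(q), "first": q[0], "last": ts})
            q.clear()
    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce(parse(SAMPLE_LOG)):
        print(f"ALERT {a['ip']}: {a['count']} failed logins "
              f"between {a['first']:%H:%M:%S} and {a['last']:%H:%M:%S}")
```

The same structure (parse, window, threshold, notify) is what a SIEM correlation rule expresses declaratively; the part that takes "action without human intervention" would be a step after the alert, such as adding the source to a block list, and that step should be rate-limited and logged so a spoofed or shared address cannot be used to lock out legitimate users.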

Email filtering & web security

  • Scanning of inbound and outbound emails for undesired content, categorising (e.g., spam, junk, virus, and malware) and taking specific actions (e.g., block, delete, move to junk).
  • Web filtering restricts access to certain categories of website, or to sites that host malicious content.
  • Managed through software-based technology, or by using specialist hardware.

Patch & vulnerability management

  • Vulnerability management refers to the process of discovering, identifying, cataloguing, remediating, and mitigating vulnerabilities found in software or hardware to prevent exploitation.
  • Patch management refers to the process of identifying, testing, deploying, and verifying patches for operating systems and applications found on devices to increase your security and prevent exploitation.

Cyber incident response planning & testing

  • Incident response is a term used to describe the process by which an organisation handles a data breach or cyberattack, including the way the organisation attempts to manage the consequences of the attack or breach.
  • This is part of your business continuity planning and your disaster recovery plan and should involve the entire organisation and not just IT.

Cyber security awareness training and phishing testing

  • Cyber security awareness training: your employees are your best line of defence if your IT systems don’t stop the threat, so educate them to help prevent attacks.
  • Simulated phishing attacks to regularly test and educate your employees.

Hardening techniques including remote desktop protocol (RDP)

  • Hardening is a process of reducing the means of attack by taking specific actions, e.g. turning off non-essential services and connections.
  • Remote desktop protocol (RDP) enables users to remotely access your network. It should be shut down and replaced with more secure solutions where possible.

End-of-life management

  • Protocols and processes to ensure that hardware and software that is no longer maintained or supported is removed or replaced.
  • When hardware and software are not maintained they are no longer tested for security vulnerabilities, leaving these devices open to exploitation.

Vendor/digital supply chain risk management

  • Processes to identify, assess and mitigate risk in your end-to-end supply chain, with the intention of preventing issues and mitigating losses if issues do occur.
  • Cybercriminals are known to attack a selected target via their supply chain when they have been unsuccessful in a direct attack.

Whether you need insurance or not, ensuring your organisation has the 12 controls in place is the best way to improve your cyber security posture and resilience.

When combined, the IASME Cyber Essentials Plus and Cyber Assurance Level 2 certifications address these controls, ensuring they are in place, and giving you the ability to demonstrate your compliance with them.
