Cyber resilience is an approach that brings together business continuity, information and communication systems security, and organisational resilience.
Ultimately, it is your ability to continue to operate should you suffer a cyber event, such as a cyberattack or a natural disaster.
As part of cyber resilience, there are 12 key cyber hygiene controls that you should consider adopting today. These have been established and regarded as best practice for many years.
More recently, insurers are asking you to demonstrate your compliance with these controls. If you cannot demonstrate this, you may be unable to obtain or renew insurance, or you may be offered reduced coverage.
- Multifactor Authentication (MFA)
  - Additional electronic authentication, combined with your username and password.
  - A passcode generated by an authenticator application, or shared via SMS, email or app.
- Endpoint Detection & Response (EDR)
  - Endpoints are the entry point for almost all types of malicious attack on your infrastructure.
  - EDR is a solution that continuously monitors endpoint devices to detect and respond to attacks, e.g. anti-virus software.
- Backup & Recovery
  - Secure, encrypted backups, stored in a separate and secure location.
  - Restores tested (monthly) to confirm that recovery from your backup succeeds.
- Privileged Access Management (PAM)
  - An information security mechanism that safeguards and controls identities with special access or capabilities beyond those of regular users.
  - Runs on the principle of “least privilege” or “zero trust”, ensuring users only have the access they need to do their job.
- Logging & Monitoring
  - Continuous monitoring allows you to detect a cyber attack in a timely manner. Software and applications are used to identify unusual or malicious activity on your network and notify you in real time. Some solutions can take action without human intervention.
- Email filtering & web security
  - Scanning of inbound and outbound email for undesired content, categorising it (e.g. spam, junk, virus, malware) and taking specific actions (e.g. block, delete, move to junk).
  - Web filtering restricts access to certain websites and to sites that host malicious content.
  - Managed through software-based technology, or by using specialist hardware.
- Patch & Vulnerability Management
  - Vulnerability management is the process of discovering, identifying, cataloguing, remediating and mitigating vulnerabilities found in software or hardware to prevent exploitation.
  - Patch management is the process of identifying, testing, deploying and verifying patches for the operating systems and applications found on devices, to increase your security and prevent exploitation.
- Cyber incident response planning & testing
  - Incident response describes the process by which an organisation handles a data breach or cyberattack, including the way the organisation attempts to manage the consequences of the attack or breach.
  - This is part of your business continuity planning and your disaster recovery plan, and should involve the entire organisation, not just IT.
- Cyber security awareness training and phishing testing
  - Cyber security awareness training: your employees are your best line of defence if your IT systems don’t stop the threat, so educate them to help prevent attacks.
  - Simulated phishing attacks to regularly test and educate your employees.
- Hardening techniques, including Remote Desktop Protocol (RDP)
  - Hardening is the set of processes that reduce the means of attack by taking specific actions, e.g. turning off non-essential services and connections.
  - Remote Desktop Protocol (RDP) enables users to remotely access your network. It should be shut down and replaced with more secure solutions where possible.
- End-of-life management
  - Protocols and processes to ensure that hardware and software which is no longer maintained or supported is removed or replaced.
  - When hardware and software are not maintained, they are no longer tested for security vulnerabilities, leaving these devices open to exploitation.
- Vendor/digital supply chain risk management
  - Processes to identify, assess and mitigate risk in your end-to-end supply chain, with the intention of preventing issues and mitigating loss if issues do occur.
  - Cybercriminals are known to attack a selected target via its supply chain when they have been unsuccessful in a direct attack.
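The Backup & Recovery control asks for restores to be tested, not just backups to be taken. The following added example (my own illustration, not code from the page or from IASME) shows what a minimal recovery test looks like: record a SHA-256 manifest when the backup is made, restore the archive into an empty directory, and compare every file against the manifest. The directory layout and file contents are constructed sample data; the archive format (tar.gz) is an assumption chosen so the script runs with the standard library alone.

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's POSIX-style path relative to `root` to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def make_backup(src: Path, archive: Path) -> dict:
    """Archive `src` and return the manifest taken at backup time (store it alongside the backup)."""
    manifest = build_manifest(src)
    with tarfile.open(archive, "w:gz") as tar:
        for rel in manifest:
            tar.add(src / rel, arcname=rel)
    return manifest


def restore_backup(archive: Path, restore_dir: Path) -> None:
    """Extract into an empty directory. The 'data' filter (where the interpreter provides it)
    refuses absolute paths and '..' members, so a tampered archive cannot write outside restore_dir."""
    with tarfile.open(archive, "r:gz") as tar:
        if hasattr(tarfile, "data_filter"):
            tar.extractall(restore_dir, filter="data")
        else:
            tar.extractall(restore_dir)


def verify_restored(restore_dir: Path, manifest: dict) -> list:
    """Report every file that is missing or whose digest differs from the manifest.
    An empty list means the recovery test passed."""
    restored = build_manifest(restore_dir)
    problems = []
    for rel, digest in manifest.items():
        if rel not in restored:
            problems.append(("missing", rel))
        elif restored[rel] != digest:
            problems.append(("corrupt", rel))
    return problems


def run_recovery_test() -> tuple:
    """Back up constructed sample data, restore and verify it (expected: no problems), then
    damage the restored copy to show that the check reports missing and corrupted files."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        src, archive, restore = tmp / "live", tmp / "backup.tgz", tmp / "restore"
        (src / "db").mkdir(parents=True)
        (src / "config.ini").write_text("mode=prod\n")              # constructed sample file
        (src / "db" / "orders.csv").write_text("id,total\n1,42.00\n")  # constructed sample file
        manifest = make_backup(src, archive)
        restore.mkdir()
        restore_backup(archive, restore)
        clean = verify_restored(restore, manifest)
        # simulate a bad restore: one file silently altered, one file lost
        (restore / "db" / "orders.csv").write_text("id,total\n1,43.00\n")
        (restore / "config.ini").unlink()
        damaged = verify_restored(restore, manifest)
        return clean, damaged


if __name__ == "__main__":
    clean, damaged = run_recovery_test()
    print("clean restore problems:", clean)
    print("damaged restore problems:", damaged)
```

Run this against a real backup by pointing `restore_backup` and `verify_restored` at the archive and the manifest saved with it; the test only counts as passed when the problem list is empty, and the monthly schedule in the control is the cadence at which to run it.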
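The Logging & Monitoring control says software is used to identify unusual activity and notify you in real time. As an added example (not from the page or from IASME) of what such detection logic does, the script below streams through authentication log lines and raises an alert when one source address accumulates a threshold of failed logins inside a time window, and a second, higher-priority alert if that same source then logs in successfully. The log lines are constructed samples in an sshd-like format; the threshold of five failures in five minutes is an assumed tuning value.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not from any real system); addresses are documentation ranges.
SAMPLE_LOG = """\
2024-03-01T09:00:01 sshd[101]: Failed password for admin from 203.0.113.10 port 51000
2024-03-01T09:00:03 sshd[101]: Failed password for admin from 203.0.113.10 port 51001
2024-03-01T09:00:05 sshd[101]: Failed password for root from 203.0.113.10 port 51002
2024-03-01T09:00:06 sshd[101]: Failed password for admin from 203.0.113.10 port 51003
2024-03-01T09:00:08 sshd[101]: Failed password for backup from 203.0.113.10 port 51004
2024-03-01T09:00:12 sshd[101]: Accepted password for admin from 203.0.113.10 port 51005
2024-03-01T09:05:00 sshd[102]: Failed password for alice from 198.51.100.7 port 40000
2024-03-01T09:30:00 sshd[103]: Accepted password for alice from 198.51.100.7 port 40001
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)"
)


def parse_line(line: str):
    """Return a structured event or None for lines the rule does not care about."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"ts": datetime.fromisoformat(m["ts"]), "result": m["result"],
            "user": m["user"], "src": m["src"]}


def detect(log_text: str, threshold: int = 5, window: timedelta = timedelta(minutes=5)) -> list:
    """Return alerts as (timestamp, rule, source) tuples in log order.
    'brute_force': at least `threshold` failures from one source within `window`.
    'success_after_failures': a successful login from a source already flagged (higher priority,
    because it suggests the guessing may have worked)."""
    alerts = []
    failures = defaultdict(deque)   # source -> timestamps of failures still inside the window
    flagged = set()
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        recent = failures[ev["src"]]
        while recent and ev["ts"] - recent[0] > window:   # expire failures older than the window
            recent.popleft()
        if ev["result"] == "Failed":
            recent.append(ev["ts"])
            if len(recent) >= threshold and ev["src"] not in flagged:
                flagged.add(ev["src"])
                alerts.append((ev["ts"].isoformat(), "brute_force", ev["src"]))
        elif ev["src"] in flagged:
            alerts.append((ev["ts"].isoformat(), "success_after_failures", ev["src"]))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert)
```

In a monitoring product the `alerts` list would become notifications or tickets, and the "take action without human intervention" option the control mentions corresponds to wiring the `brute_force` alert to an automated response such as a temporary block of the source address. The threshold and window are the knobs that trade false positives against detection delay, and they should be tuned on your own logs.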
Whether you need cyber insurance or not, ensuring your organisation has the 12 controls in place is the best way to improve your cyber security posture and resilience.
When combined, the IASME Cyber Essentials Plus and Cyber Assurance Level 2 certifications address these controls, ensuring they are in place, and giving you the ability to demonstrate your compliance with them.