Table of Contents
Reading Time: 3 minutes
7. CYBER SECURITY DEFENSES USED BY ORGANISATIONS
Cyber security defence refers to the ability to preventing cyber criminals from compromising a computer system or device. Vendors in the cyber security space offer a variety of products and services organisations can acquire to help them to protect their environments from malicious actors.
The most common security technologies include:
- Managed Detection and Response (MDR)
- Multi-Factor Authentication (MFA)
- Identity and Access Management (IAM)
- Endpoint Protection
- Intrusion Prevention/Detection Systems (IPS/IDS)
- Data Loss Prevention (DLP)
- Endpoint Detection and Response
- Security Information and Event Management (SIEM)
- Vulnerability Scanners
- Virtual Private Networks (VPNs)
- Cloud Workload Protection Platform (CWPP)
- Cloud Access Security Broker (CASB)
More detail about how organisations have been implementing those cyber security technologies will be discussed at a later time in the portal.
8. BEST PRACTICES RECOMMENDED TO ORGANISATIONS TO STOP CYBER ATTACKS
As previously discussed, the high number of sophisticated cyber attacks targeting companies’ critical infrastructures have had a massive increase compared to 5 years ago, where billions and billions of dollars have been spent every year due to data breach caused by those attacks. To help organisations, their employees and customers to protect themselves from cyber threats, implementing best practices will undoubtedly help them to mitigate their risks and exposure. Some of these best practices will include the following, but it is not limited to:
- Employ the culture to always avoid pop-ups (when applicable), unknown emails and links
- Employ the culture to always use strong password protection and authentication
- Employ the culture to always connect to secure Wi-Fis
- Employ the culture to always enable firewall protection at the workplace and at home
- Employ the culture to invest in security defences and software updates
- Be open to consider biometric security when appropriate
- Create a hierarchical cybersecurity policy and culture within the organisation
- Employ the culture to back up your data and keep it safe, especially due to the increase on the number of ransomware attacks targeting organisations from all industries
- Ensure only authorised personnel will have access to your physical infrastructure
- Ensure privileged users are constantly monitored
- Employ the culture to perform robust and continuous cyber security awareness programs
More detail about how organisations can implement those best practices will be discussed at a later time in the portal.
Cyber security is an extraordinary and broaden area. It has become very strategic for organisations of all sizes and sectors nowadays.
Such massive increase on the use of the Internet by organisations employees to work remotely, due to the current COVID-19 pandemic, has raised a concern for cyber security professionals and C-Level management. Furthermore, the latest cyber threats (e.g., APT, ransomware) have shown a significant increase on the number of attacks impacting critical infrastructures of organisations of all over the world. New regulations and legislation (e.g., GDPR, the Brazilian LGPD) have become increasingly crucial for organisations to ensure they have sufficient security controls in place to protect their environments from malicious code and actors.
Cyber security is everybody’s responsibility, although many people, unfortunately, still believe that it is only the cyber team’s responsibility.
Changing an organisation mindset in order to buy the idea that everybody must contribute for the protection of its environment isn’t an easy task, especially with minimum, or no support whatsoever, from the board, along with poor practices, and lack of skilled cyber security professionals supporting business areas.
In order to achieve such goal, it is paramount to bear in mind that, continuous cyber awareness programs should be established within organisations to ensure employees are aware of cyber threats, their risks, responsibilities and impact for their businesses.
Having the right cyber security structure, enough power to put things in motion, best practices and support from cyber security experts will also be undoubtedly crucial to help keeping criminals away.
Cyber Security Enthusiastic and founder of the WeCyberYou! platform.
Edson is a Cyber Security enthusiast who has been working in the Cyber Security space for over 20 years, assisting organisations from different industries, such as Consulting, Financial, Education, Telecommunication, and State and Federal Government, in Australia and Brazil, to protect their environments and reputations from internal and external cyber threats.
He holds a degree in System Analysis, a postgraduate degree in Cyber Security and the CISSP and CISM certifications.
He is currently working as a Senior Information Security Manager in Australia assisting private and public organisations to protect their environments and reputations from malicious code and actors.