10 Apr Up-to-date assessments of cyber security posture.
3 ways to come up with an up-to-date assessment of your organisation’s cyber security posture.
In order to come up with an up-to-date assessment of your organisation’s cyber security posture, one has to start by compiling an accurate IT asset inventory and subsequently mapping your attack surface. It is crucial to understand your cyber risk… organisation-wide.
The cyber threat landscape is expanding and becoming more and more sophisticated. Cyber criminals are getting smart by the day. Their ultimate goals are to disrupt operations and get their hands on sensitive data to then ask for money in exchange for an agreed action.
To be in a position to be able to protect your organisation from cyber criminal teams, it is crucial to assess your cyber security posture and then strengthen it.
Cyber Security Posture and its importance
Cyber security posture is commonly defined as the “security status of an organisation’s networks, information and systems based on information security resources and capabilities in place to manage enterprise defence and react as the situation changes. This includes all the security policies and employee training programs in place, along with various security solutions deployed such as malware protection software.” – National Institute of Standards and Technology (NIST)
Cyber security posture is the cyber security strength and the organisation’s readiness to deal and respond to a cyber attack.
All the following are included: tools, processes and policies and training programmes – all implemented as protection from cyber threats. If your security posture is not given its due importance, it will leave your organisation weak and vulnerable to threats and cyber attacks. Take the relevant precautions. Defend against cyber attacks. Attacks and breaches often lead to business disruptions, data loss, reputational damage, lawsuits and regulatory penalties.
Understanding where your organisation is most vulnerable aids in establishing plans to harden systems and strengthen controls. Educating the workforce with cyber awareness training also helps secure your operational environment.
Create an IT Asset Inventory
Compile a comprehensive IT asset inventory with an in-detail breakdown of all networks, hardware and software systems and other elements stakeholders use. Categorise all assets as internal or Internet-facing. Include details such as user accounts, linked services, open ports, licences and updates. It is of paramount importance to decommission assets that are no longer in use or are no longer being updated. An evaluation of how each of these assets contributes to the organisation’s cyber security posture is to be included.
Creating this IT Asset inventory helps identify any technology gaps and in addition it is a base requirement for HIPAA and PCI DSS, to mention just a couple.
Assess current security controls
An analysis of the AS-IS is a second way to come up with an up-to-date assessment of your organisation’s cyber security posture. List, assess and analyse current controls used to detect, prevent and respond to security threats and risks. Common security controls include, regular employee training, firewalls, antivirus software, intrusion detection solutions, auto-alerting systems. A thorough assessment of the latter will determine whether these controls need to be strengthened or new additional security measures need to be added.
Identifying these security controls is not enough. One would need to assess their effectiveness in preventing and revealing security issues.
Identify Attack Vectors and create a map of the attack surface
The attack surface encompasses all the points an attacker could manipulate to penetrate your systems. In today’s digital era, organisations tend to have hundreds or even thousands of access points. Monitor them all 24×7, to prevent cyber attacks.
Attack vectors are methods used by attackers, namely malware, ransomware, viruses, stolen credentials, phishing, weak encryption, device misconfigurations and inadequate software patching. These pose risks to any organisation. In addition to the risk, always estimate the impact and probability.
The attack vector, in simple terms, is the asset inventory and attack vectors together. Understanding the assets you own and the ways cyber criminals may try to compromise them will put you in a position to strengthen your security posture. With clarity about the attack vector, you would be able to choose the right cyber security framework to address data security risks and in addition, implement incident response plans. A solid cyber security framework includes clear guidelines to identify potential cyber security risks, implement protective defence measures, detect (in a timely manner) cyber threats, respond to security events and recover after the unfortunate event of an attack.
It is always important to ask oneself “Do we have full visibility of our surface?”.
Cyber security posture can be reactive, proactive, defensive, offensive, compliance, and/or risk-based. To come up with an up-to-date assessment of your organisation’s cybersecurity posture: conduct regular vulnerability assessments and penetration testing, perform regular security audits and finally ongoingly monitor and analyse threat intelligence.
Cyber security posture is the security status and readiness of networks, hardware, software applications, and data within an organisation. Learn more about our penetration tests and vulnerability assessments today!