Cybersecurity: be prepared

Cybersecurity, also known as computer security or software security or IT security, is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. The field is of growing importance due to the increasing reliance of computer systems in most societies. Computer systems more often based on cloud computing and include a very wide variety of “smart” devices, including smartphones, televisions and tiny devices as part of the Internet of Things (IoT) and networks include not only the Internet and private data networks, but also Bluetooth, Wi-Fi, LoRa and other wireless networks. One of the most problematic elements of cybersecurity is the quickly and constantly evolving nature of security risks.

“The threat is advancing quicker than we can keep up with it. The threat changes faster than our idea of the risk…”

Prevention and detection methods have proved largely ineffective against increasingly adept assaults, and many organizations don’t know what to do, or don’t have the resources to combat highly skilled and aggressive cybercriminals. To deal with the current environment, organizations need a more proactive and adaptive approach. Shift towards continuous monitoring and real-time assessments, by transition to a secure by design approach. Start with involving cyber focussed professionals throughout the development process to evolve design and approaches in ways that balance functionality, time to value, security, privacy, regulatory and compliance needs.

“Having security as an afterthought is tantamount to inviting issues”

Secure by the use of highly virtualised and template based stacks, which include automatically inheriting patches, configurations and cyber solutions elements. Build a monitoring and threat intelligence platform on the operational baseline of the system. From this operational baseline determine the “normal” operation, related to user behaviour, data exchange, server loads, connectivity and access. With this “normal” knowledge identify risk situations when they occur and react accordingly. Be prepared and test if your environment is safe enough to restore “normal” operations following an attack. Proactively create plans and tests for recovery from various attack scenarios. Update the lessons learned from these tests in your operational plans to further accelerate detection and reduce impact in the future.

“It’s not a question of if, but when you come into contact with cyber security attacks”