10 IT Commandments

71% of organisations were compromised by a successful cyber attack in 2014, and 2017 saw continued growth in the number and sophistication of cyber attacks.

Cyberthreat Defense Report from CyberEdge Group

Did you know:

  • 77% of attacks in 2017 utilized fileless techniques
  • 69% of organisations don’t believe their antivirus can stop the threats
  • 4 out of 5 organisations replaced their antivirus solution in 2017
  • Security is getting more expensive and difficult to manage

One of the most challenging aspects of IT is the constantly evolving nature of security risks. The traditional approach to managing risk has outlived its shelf life, and unless your business is moving aggressively towards proactive prevention you will slowly fade into the ice age.

Below are 10 commandments that you must consider seriously to stand a chance against these new-age cyber attacks:

  1. IT Security Policies
    • Ensure you have the basic policies in place to protect data and assets.
    • Ensure they are reviewed quarterly and updated (as applicable)
  2. 2-Factor authentication for all remote access
    • Ensure adequate authentication toll-gates are in place
    • Consider OTP, app-based or smart card authenticators
  3. Dedicated staff for Security
    • 100% accountability within the organisation for security is crucial.
    • Sharing of accountability is not the same – have a dedicated team
  4. Centralised Log Management
    • All platforms and applications should have logging enabled
    • Consider Splunk or ManageEngine for Real-Time Incidents Search & Diagnosis
  5. Perform Penetration Testing
    • Run quarterly vulnerability scans for exploitable weaknesses, including sub-domain enumeration
    • Consider proactive tools such as Netsparker, Metasploit or Acunetix
    • Remember: if you know neither the enemy nor yourself, you will succumb in every battle
  6. Disaster recovery plan
    • Ensure a business continuity plan exists that’s tested and kept up-to-date
  7. Intrusion Prevention System (IPS)
    • Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine. IPS has a number of detection methods for finding exploits, but signature-based detection and statistical anomaly-based detection are the two dominant mechanisms.
    • Centralised log management will help detect and prevent such attacks.
    • ManageEngine EventLog Analyzer provides out-of-the-box support for multiple IDS/IPS vendors such as Cisco, Juniper, SonicWall, Barracuda, WatchGuard, NetScreen, Fortinet and Check Point
  8. End-Point Protection Solution
    • This is an absolute must. Having no DLP (Data Loss Prevention) or controls over critical data at endpoints, in email or in critical applications is a 100% audit failure
    • Invest in an Endpoint Protection Platform (EPP), which integrates antivirus, firewall, anti-spyware and application control with host intrusion prevention techniques in one single platform. Symantec, McAfee, Endpoint Protector and Sophos are great options
  9. Scheduled Maintenance
    • Ensure monthly maintenance across all systems, covering OS, network and patching
  10. Documentation
    • Document EVERYTHING – network & system drawings showing architecture and data flow
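As an added illustration of the two IPS mechanisms named under commandment 7 (signature-based and statistical anomaly-based detection), and not part of the original article: a small Python script that runs both over a batch of request log lines. The log lines, the two signatures and the z-score threshold are all constructed assumptions for demonstration, not vendor rules.

```python
import re
from statistics import mean, pstdev

# Constructed sample: one line per request, "client method uri".
# Made up for this example; not taken from any real system.
SAMPLE_LOG = [
    "10.0.0.5 GET /login?user=alice",
    "10.0.0.5 GET /home",
    "10.0.0.6 GET /search?q=shoes",
    "10.0.0.7 GET /search?q=' OR 1=1--",      # matches a known signature
    "10.0.0.8 GET /items?id=" + "A" * 400,    # no signature, but abnormal size
    "10.0.0.6 GET /cart",
]

# Signature-based detection: patterns of known-bad input.
# Two illustrative patterns; a real IPS ships thousands of maintained rules.
SIGNATURES = {
    "sqli_tautology": re.compile(r"'\s*OR\s+1=1", re.IGNORECASE),
    "path_traversal": re.compile(r"\.\./"),
}

def signature_hits(lines):
    """Return (line, signature_name) for every line matching a signature."""
    hits = []
    for line in lines:
        for name, pattern in SIGNATURES.items():
            if pattern.search(line):
                hits.append((line, name))
    return hits

def anomaly_hits(lines, threshold=2.0):
    """Statistical anomaly detection: flag requests whose URI length is more
    than `threshold` standard deviations above the mean. Here the baseline is
    the batch itself; a production sensor learns it from known-good traffic
    first, which is why anomaly detection catches what signatures miss."""
    lengths = [len(line.split(" ", 2)[2]) for line in lines]
    mu, sigma = mean(lengths), pstdev(lengths)
    if sigma == 0:            # uniform traffic: nothing can be an outlier
        return []
    return [line for line, n in zip(lines, lengths) if (n - mu) / sigma > threshold]

if __name__ == "__main__":
    for line, name in signature_hits(SAMPLE_LOG):
        print(f"SIGNATURE {name}: {line}")
    for line in anomaly_hits(SAMPLE_LOG):
        print(f"ANOMALY   length: {line[:40]}...")
```

The tautology line is caught only by the signature and the oversized request only by the statistical check, which is the complementarity the commandment describes.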

One excellent framework to learn is the NIST (National Institute of Standards and Technology) Cyber Security framework. NIST implements practical cybersecurity and privacy through outreach and effective application of standards and best practices necessary to adopt cybersecurity capabilities.

Finally, when considering tools, remember to evaluate them thoroughly to ensure they meet your business capacity. Processes and tools must be kept up to date; after all, it is the survival of the fittest.