Organisations need a multi-layered, risk-based approach to build cyber resilience. We believe a defence-in-depth strategy is made up of five stages: detect, protect, manage, respond and recover.
Every organisation needs all the stages of defence in depth, some more detailed and comprehensive than others. The larger the company, or the more valuable its critical assets, the more multifaceted those defensive stages need to be at every level.
The first layer of a defence-in-depth strategy is detection.
Organisations need to understand the threats they face and where their cyber defences are most at risk of being breached. New vulnerabilities are disclosed every day, so it is vital that an organisation carries out regular vulnerability scanning and penetration testing. These measures identify many of the flaws an attacker could exploit, enabling the organisation to bolster its defences where needed. No single scan or test finds everything, which is why they must be repeated as systems and threats change.
Protecting an organisation from the increasing threat of cyber attacks can be challenging. Employees are a crucial line of defence, and ensuring they know their security responsibilities and how to spot a cyber attack is critical.
Depending on the organisation, it may not need to implement extensive security measures, but a base level of security is essential. Implementing the controls required by a recognised security scheme, and certifying against it, protects an organisation from the most common cyber threats and publicly demonstrates its commitment to cyber security.
When it comes to larger or more complex organisations, managing cyber security risks requires a more intensive approach than implementing basic security protection.
Embedding risk-based security controls, managing the security of supply chains and carrying out regular audits are measures an organisation may need to take.
Certification to ISO 27001 demonstrates to customers, stakeholders and staff that an organisation has implemented and maintains information security best practice. An organisation will also need to have the necessary policies and procedures in place to evidence and ensure compliance with any regulations and standards.
One vulnerability is all it takes for cyber criminals to infiltrate a system.
The security measures an organisation implements should minimise the impact of a successful attack, but having a response plan in place is critical to limiting disruption and costs. This is especially important when it comes to breaches of personal data: under the DPA (Data Protection Act) 2018 and the GDPR (General Data Protection Regulation), a breach that is likely to result in a risk to individuals must be reported to the data protection authority without undue delay and, where feasible, within 72 hours of the organisation becoming aware of it. Meeting that deadline is only realistic if the plan already sets out who assesses the breach, who decides whether it is reportable and who files the report.
Recovering from a cyber attack or data breach can be more disruptive than an organisation had planned for.
Most of the time, an organisation can restore enough critical services to be able to continue functioning, but it can take months to fully return to business as usual. Cyber insurance can cover some of the costs incurred when an incident does occur and help the organisation get back to business as usual sooner; it complements, rather than replaces, the preceding stages.