Cyber Security Readiness – Don’t Do Nothing!
Stephen Parsons of Viso Cyber Security talks to us about getting the basics right in terms of fostering a cyber-aware culture in your business.
“In recent weeks, a high-profile cyberattack on the MGM Casino group captured headlines, causing considerable disruption and financial loss. While this may appear distant from the concerns of some, the reality is that businesses of all sizes are potential targets for cyber threats.”
Stephen Parsons
Viso Cyber Security
Stephen boasts over two decades of leadership in IT and Cyber Security, having held pivotal senior management roles across diverse sectors such as financial services, construction, healthcare, and distribution.
As CEO of VISO, he continues to provide unparalleled expertise and vision in Cyber Security.
“Currently, VISO Cyber Security is actively managing three cyber incidents for various Irish organisations. The objective behind these incidents is extortion, with the attackers tailoring their demands based on the victim’s financial capabilities.”
Despite the substantial recovery costs, these incidents won’t make headlines.
Cybercrime often operates in the shadows, making it an appealing choice for criminal groups. The anonymity and global reach of the internet provide cybercriminals with a veil of invisibility, allowing them to target businesses with relative impunity. In many cases law enforcement must work across borders, something it is not generally used to doing at scale.
Furthermore, the potential for substantial financial gain without the risks associated with physical crime has made cybercrime an increasingly attractive venture for criminal organisations worldwide.
We have seen some criminal groups specifically target invoice redirect fraud, relying on multiple smaller invoices to fund their enterprise. Other groups focus on ransomware and are actively looking for large seven-figure payments. Focused groups mean focused attacks of varying sizes, resulting in organisations of all sizes being targeted.
Former FBI Director Robert S. Mueller aptly stated, “There are only two types of companies: Those that have been hacked and those that will be hacked.” This highlights the urgency of addressing cybersecurity.
While cybersecurity can sometimes appear daunting, it’s essential to realise that it’s not solely the responsibility of the IT team. Business leaders must actively engage in understanding and mitigating risks.
Cybersecurity, like any other facet of business, requires a combination of people, processes, and tools.
Understand the organisational cyber risk…
- Perform a cyber assessment – Begin with a cyber assessment, either self-conducted or through external experts. Use frameworks such as ISO 27001 or the NIST Cybersecurity Framework as a foundation to evaluate internal controls, vulnerabilities, and external threats.
- Inform the leadership team – Communicate assessment results to senior leadership. Clear communication is essential for addressing gaps and obtaining support for cybersecurity efforts.
- Allocate Resources Strategically – Use the assessment to guide budget allocation using a risk-based approach. Some IT budget may be needed to implement additional protection mechanisms, and process issues should be addressed to enhance security.
Be ready to respond…
- Enhance incident response tools – Invest in tools that improve the ability to respond to cyber incidents effectively. Relying solely on antivirus software is inadequate in today’s threat landscape.
- Appoint an incident manager – Have a trained incident manager in place – either internally or through a contracted third party. Waiting to seek external expertise during an incident can be costly. Incidents often occur on weekends when response times are critical.
- Train key staff – Train key staff on cyber incident response and run annual simulations. Response efforts typically involve more than just the IT team, so ensure that stakeholders are prepared.
Proactive management is better (and cheaper) than having to react to an incident…
- Establish a Cyber Security Dashboard – Monitor key risk indicators monthly, including cyber risks, vulnerabilities, training, and incidents. Measurement is vital for effective management.
- Create a cyber roadmap – Collaborate with the IT team to develop a roadmap based on risk assessment. Focus on gradual improvements over 6-12 months to keep up with evolving threats.
- Build a strong cyber security culture – Promote cybersecurity awareness from top to bottom within the organisation. Encourage discussions, celebrate investments, and ensure all staff members are aware of threats and their role in mitigating them.
“In conclusion, the message is clear: ‘Don’t do nothing!’ Cybersecurity is an essential investment for organisations of all sizes, and proactive measures are a lot more cost-effective than reacting to incidents.”