In The News: Ensuring IT Security as Threats Evolve

by Security Centric, on 06/01/2022 12:15:00 PM

Last month Security Centric principal consultant Sash Vasilevski provided his expertise to Business IT, outlining recommendations for cybersecurity uplift measures for small to medium enterprises. 

Throughout the article, an outline is given of some of the cyber threats increasingly experienced by organisations as the hybrid nature of work, digital transformation, and technological advancements change the cyber threat landscape. Additionally, details regarding the best approach to ensure ongoing cyber risk reduction are given over the following areas: 

  1. Assess: This initial stage involves a careful assessment of an organisation’s core purpose. This could be financial services, manufacturing, or retail for example.
  2. Secure: The second stage involves implementing preventative controls to mitigate identified cyber security risks so they are within risk appetite. This might involve technical controls such as hardening systems and implementing robust authentication mechanisms.
  3. Maintain: This stage involves maintaining the desired risk posture that was achieved in the second phase. It involves periodic monitoring and staying aware of emerging threats. Day-to-day vulnerability checks and ongoing monitoring for suspicious behaviour also form part of this phase.
  4. Respond: The final stage involves investigating any security alerts that occur and determining which are false positives. If actual threats are identified, the security team then undertakes the steps required for remediation.

Read the full article here: How SMEs can ensure business IT security measures are sufficient in an evolving threat landscape

If you're looking to assess or uplift your cybersecurity strategies as we move into 2022, you can book a free cybersecurity planning session to talk about what your organisation can do to reduce business risk. Or, contact us to speak with one of our helpful team members.

Book your cyber planning session

 

Comments

Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|

Subscribe to Updates