Cyber Security - Not just a technology issue

Many organisations have invested heavily in cyber security and implemented state of the art technology solutions. But it takes more than just the best technology for a business to be protected from cybercriminals. Your people and robust processes are also vital to effective cyber security. The smartest organisations recognise this and educate their employees, creating a “human firewall” of vigilant and trained staff supported by a well-documented security policy.

Investing in the right stuff

Employees are at the frontline of cyber defence. Giving them the knowledge to recognise a potential cyber breach goes a long way in providing solid protection.

Creating a security process that contains a ‘set of rules’ for users to abide by will offer a strong wall of defence. If users don’t understand the reasons for these rules, they risk the integrity of the organisation’s cyber security.

These “rules” include maintaining an accurate log of company equipment, operatives, and software. Having an accessible, documented recovery plan in the event of a cyber incident is also vital to allow a business to recover as soon as possible.

Police CyberAlarm (PCA) is a free tool that assists organisations maintain their cyber security posture, collecting the metadata of suspicious and malicious activity targeting their online networks. These data help identify emerging threats and inbuilding a picture of the source.

Members receive a monthly vulnerability and threat report, alerting them to actions they need to take to protect themselves, classifying them as critical, high, medium, or low.

Critical vulnerabilities have a high likelihood of being exploited, allowing an attacker to cause extensive damage or fully compromise the affected system. They demand immediate attention.

Case Study

These monthly reports recently proved invaluable to a Police CyberAlarm member, identifying a record number of critical vulnerabilities.

The member had recently undertaken an extensive and successful system penetration test, but a third-party supplier, linked to their network was outside the scope of the penetration test. This meant that the test failed to spot critical vulnerabilities in this supplier’s system.

Thanks to the Police CyberAlarm vulnerability scans, the member was able to identify and isolate the problem and prevent unauthorised access within a few hours of the critical vulnerability being discovered. Having isolated the problem and put in place the solution, various upgrades were made in the next few weeks and updated hardware implemented.

However, what happened next highlights the importance of people and processes in maintaining effective cyber security. When Police CyberAlarm ran the next monthly vulnerability scan, the same critical vulnerabilities were found. The upgrades and new hardware had been installed and the old configurations copied across without checking that the new configurations and updates should be applied.

Outcome

So, what does this tell us about the process and planning for this testing? The procedure used to define the boundaries of the penetration test must include the entire network as well as who else is connecting to the network.

Maintaining an up-to-date log of hardware, upgrades, updates, firmware, software and versions should be good practice for network managers. Documenting procedures for new equipment implementation and new users and leavers is as vital as keeping a log of who has keys to the doors of your organisation.

Making sure all your staff are aware of the cyber threats and how they can help in securing the organisation will promote a cyber security culture within your organisation to match the technology solutions you have invested in.

If you want to learn about how Police CyberAlarm can help you understand and monitor malicious cyber activity against your network, then go to www.cyberalarm.police.uk/police-cyber-alarm/how-it-works/