We are

  • Expert

How Can You Protect Your Business From a Cyber-attack? Part. Three

In a follow up to our previous cyber security series, as well as a response to news coverage on the lack of online security awareness, we felt it time to really concentrate on the advanced cyber-attack landscape and the lack of ‘cyber maturity’ that many organisations face today.

This year RSA (the security division of EMC corp) examined cyber security practices across organisations of all sizes, industries and locations from around the globe. Findings show that while organisations have protection strategies in place, many would say that their abilities to identify, detect, respond and recover from attacks are under-developed – with 45% describing their capabilities in these areas as ‘non-existent’ and ‘ad hoc’.

The research has concluded that typically there is an adequate investment in firewalls, anti-virus and malware protection – which is an excellent start to safeguarding your system. However, many organisations lack ‘cyber-maturity’.

In other words, organisations tend to have the tools to block less advanced threats with anti-virus and malware protection but lack a real understanding of the varying magnitudes of attacks and how to cope when these protection tools are simply not enough.

What is cyber-maturity?

RSA’s research (along with a heap of news articles on recent sophisticated attacks) confirms that cyber-maturity in risk management is under developed across the board – regardless of organisational size.

Furthermore, RSA president Amit argues that in order to move toward mature capabilities "we need to change the way we think about security and that starts by acknowledging that prevention alone is a failed strategy and more attention needs to be spent on strategy based on detection and response”. So, what exactly is cyber-maturity?

It is a measurement established by computer security specialists and is used when assessing an organisation’s security practices. Effectively a cyber-mature organisation would have highly adaptive and risk-focused security practices that are complemented by an up-to-date knowledge of cyber threats.

To improve cyber-maturity, and in turn alleviate cyber-security related stress, you should be paying attention to the what, when and how of potentially detrimental attacks. Awareness and preparation for the worst case scenario is the greatest approach.

Equip yourself and your staff members with an understanding of the current cyber-attack landscape as well as full awareness of your organisation's own online environment. This can be done by answering questions like what threats exist (size, strength, prior damage etc.)? When could an attack occur? When are my systems most vulnerable? And how can I reduce negative consequences of these threats?

In short, prevention and protection tools are a hopeful start, but do not guarantee safety against sophisticated attacks. To ensure long term awareness and safety you need to understand the real-time cyber security risk – that means you should be capable of measuring, assessing and mitigating attacks.

Here's Pt. 1 and Pt. 2 of the cyber security series.

Talk to us.

Let's start a conversation about your web presence today
Phone: +64 4 384 9833 | Email: us@expert.services
Address: 19 Tennyson Street, Te Aro, Wellington 6011, New Zealand
Postal address: PO Box 6474, Wellington 6141, New Zealand

To send us an email, please complete the form below...