The Cybersecurity Agency of Singapore (CSA) recently invited the public to provide feedback on the proposed Cybersecurity Bill. The bill’s intention is to make cybersecurity a top priority for all businesses.
Cyber threats today are becoming deadlier. Attacks like WannaCry and Petya have proved how much damage they can cause in terms of financial losses and disruptions to daily lives around the world. In addition, C-level individuals might be liable for jail or fines under the bill’s proposed laws, which require businesses in critical information infrastructure (CII) sectors to appoint CII owners. The owners will be held responsible for the protection and operation of CII in their organizations.
In the face of these pressures, organizations in Asia Pacific struggle to protect their critical data with a limited pool of cybersecurity talent. Hence, it is time to outgrow traditional measures that are costly and ineffective and take an approach that is more proactive—one that takes the fight back to the cybercriminals.
Here’s how to build cybersecurity measures that provide real value:
Know your business risks
Before you can secure your network effectively, you must know what you are protecting. Not all risk scenarios are created equal, so it’s essential to prioritize your assets based on how critical to the business they are. One effective way to do this is to perform a Business Impact Analysis (BIA), a review of your network that will help rank your risks according to potential business loss. For instance, an email outage might slow operations down, but it is relatively faster and cheaper to fix as compared to a breach in your customer database. Your assessment should also take into account blurring network boundaries, such as ERP systems that allow third-party access. All these will give you a “heat map” of your risks, giving you a clear “general’s view” of your network vulnerabilities.
Focus on detection
With the “heat map” in hand, you can start laying out detection-centric measures to secure your critical assets. Gone are the days when simply recognizing threat signatures are enough. At the speed threats are evolving, you need to continuously monitor your IT assets and business systems while performing correlation and deep analysis at the same time. Only then will you be able to reveal hidden risks. In addition, you need to be proactive by correlating multiple streams of data and pulling insights from both real-time events and asset risk profiles to detect threats early and reduce false positives.
Enhance the human response to threats
Once you have the ability to know the threats, you can respond effectively. Here, the human connection is extremely important. In order for a security team to take action on a threat, someone must be alerted to come up with an appropriate response. A sophisticated, risk-based alert process can greatly help in this respect, amplifying the human touch with the power of automation. Your notification system should reduce false positives and offer specific warnings that give security personnel insights they can act on. In this way, you can reduce incidence response times and increase the confidence of your stakeholders.
Going through with all these three recommendations is no mean feat. Hence, selecting the right managed security services provider is extremely crucial. An effective partner can help you review your networks, deploy detection and response capabilities, and beef up security staff with value-add specialists. Whatever stage you are in, it is important to begin the process—or accelerate it if you’re in the midst of it. Threats wait for no organization. Get proactive with your security today.