Top 7 investment areas and actions to cyber secure your business in 2022 and beyond - Australian Cyber Week - Equate Technologies



It’s Australian Cyber Week, so we thought it timely to ask our resident Cyber Guru, @JamesTucker, to share his views on the kind of preventative measures businesses should be investing in to ensure performance, productivity and protection for their business operations.

In a year where we’ve seen cyber-attacks and vulnerabilities at levels of complexity and frequency like never before, it’s time to act.

Here are our recommendations for 7 key areas to understand and address in securing your business in 2022 and beyond.

Critical Review Area to Understand

Recommended Activity

The Threat Landscape and associated security controls.
  • Identify and prioritise the most likely and highest impact threats to your business and/or vertical.
  • Focus manpower and money on implementing detection and controls to mitigate those threats.

The security maturity of talent across your business (including C-Suite).
  • Provide organisation-wide training on how to identify and deal with cyber threats; particularly phishing and physical security.
  • Train every member of the incident response team.
  • Run tabletop / scenario-based exercises so that everyone understands their role at every phase of the incident lifecycle.

Organisational assets (technology, software, infrastructure).
  • Be aware of and actively manage:
    • Infrastructure and software assets owned or consumed by your entity.
    • Vulnerabilities on those assets.
    • Remediation of vulnerabilities.
    • Processes to support recovery from asset failure or compromise.

Asset activity and validation of controls.
  • Create audit logs for all change and access activity.
  • Ensure endpoint protection and response for all servers/workstations.
  • Undertake network traffic analysis and protection, particularly at network boundaries.
  • Manage phishing; it’s a major vector for initial access.
  • Ensure alerts and anomalies are responded to and understood by your team.

The entities interacting with your assets.
  • Restrict user accounts to the least privilege on each asset or service, using a centralised AAA system to provide a simple, single point of control and reduce error.
  • Use multi-factor authentication wherever possible, both internally and with partners.
  • Ensure privileged accounts are separated and only used for administrative activities (and vice-versa) to limit damage caused by a compromised account.

Partners, Suppliers and Service Providers.
  • Complete security-focused due diligence on every partner, supplier and service provider.
  • Be aware of their vulnerabilities and compromises.
  • Create a plan in case of a critical third-party compromise.

Your response plan for cybersecurity incidents.
  • Create, test and manage a response plan for cyber security incidents.
  • Ensure you have appropriate skills in-house, or partner with an external provider, like Equate Technologies / Nexon, to ensure scalable protection.
  • Stay focused on optimising resources to ensure the 6 phases of security incident response are managed within your risk appetite and profile:
    • Preparation
    • Identification
    • Containment
    • Eradication
    • Recovery
    • Lessons Learned