Top 7 investment areas and actions to cyber secure your business in 2022 and beyond - Australian Cyber Week

Oct/28/2021

It’s Australian Cyber Week, so we thought it timely to ask our resident Cyber Guru, @JamesTucker to share his views on the kind of preventative measures businesses should be investing in to ensure performance, productivity and protection for their business operations.

In a year where we’ve seen cyber-attacks and vulnerabilities at levels of complexity and frequency like never before, it’s time to act.

Here are our recommendations for 7 key areas to understand and address in securing your business in 2022 and beyond.

Critical Review Area to Understand

Recommended Activity

The Threat Landscape and associated security controls.

Identify and prioritise the most likely and highest impact threats to your business and/or vertical.
Focus manpower and money on implementing detection and controls to mitigate those threats.

The security maturity of talent across your business (including C-Suite).

Provide organisation-wide training on how to identify and deal with cyber threats; particularly phishing and physical security.
Train every member of the incident response team.
Run table top / scenario-based exercises so that everyone understands their role at every phase of the incident lifecycle.

Organisational assets (technology, software, infrastructure).

Be aware of and actively manage:
Infrastructure and software assets owned or consumed by your entity.
Vulnerabilities on those assets.
Remediation of vulnerabilities.
Processes to support recovery from asset failure or compromise.

Asset activity and validation of controls.

Create audit logs for all change and access activity.
Ensure Endpoint protection and response for all servers/workstations.
Undertake network traffic analysis and protection, particularly at network boundaries.
Manage phishing; it’s a major vector for initial access.
Ensure alerts and anomalies are responded to and understood by your team.

The entities interacting with your assets.

Restrict user accounts to the least privilege on each asset or service, using a centralised AAA system to provide a simple, single point of control and reduce error.
Use multi-factor authentication wherever possible, both internally and with partners.
Ensure privileged accounts are separated and only used for administrative activities (and vice-versa) to limit damage caused by a compromised account.

Partners, Suppliers and Service Providers.

Complete security-focused due diligence on every partner, supplier and service provider.
Be aware of their vulnerabilities and compromises.
Create a plan in case of a critical third-party compromise.

Your response plan for cybersecurity incidents.

Create, test and manage a response plan for cyber security incidents.
Ensure you have appropriate skills in-house, or a partner with an external provider, like Equate Technologies / Nexon, to ensure scalable protection.
Stay focused on optimising resources to ensure the 6 phases of security incident response are managed within your risk appetite and profile:
- Preparation
- Identification
- Containment
- Eradication
- Recovery
- Lessons Learned

Priority takeaways and actions from the ACSC’s Annual Cyber Threat Report – Rylan Painter shares his views.

Nexon Asia Pacific acquires Equate Technologies, strengthening its comprehensive security offering and value to Australian organisations

From Soldier to SecOps – Heath Moodie shares his journey

Top 7 investment areas and actions to cyber secure your business in 2022 and beyond – Australian Cyber Week

Related Posts

Priority takeaways and actions from the ACSC’s Annual Cyber Threat Report – Rylan Painter shares his views.

Nexon Asia Pacific acquires Equate Technologies, strengthening its comprehensive security offering and value to Australian organisations

From Soldier to SecOps – Heath Moodie shares his journey