Cyber risk management

Cyber Risk Management

You are reading this so you realise there are risks

 

Secure Configuration

Most systems will need updating once purchased, as they would have spent time ‘on the shelf’, prior to use. Then once in service they will need constant updating, sometimes called ‘patching’. Do you know what needs updating, what settings need changing, is the admin password still the default (e.g. ADMIN)

 

Manage User Privileges

The principle of ‘Least Privilege’, what accesses do people require to do their job? Are you aware there are different access levels

 

User Education and Awareness

Security is everybody’s responsibility, increase awareness, provide training and establish a security conscious culture

 

Incident Management

All organisations WILL experience security incidents at some point. Can you list the most common types of attack and describe your reaction to these attacks

 

Malware Prevention         

Malware typically involves somebody else putting bad things on your system. Develop and implement anti-malware policies and procedures, such as anti-virus, as part of an overall ‘defence in depth’ approach

 

Monitoring

Virtually all systems have monitoring elements built in, but they are useless as a preventative solution unless somebody is looking at them. Monitoring is often a key capability needed to comply with legal or regulatory requirement, such as the Data Protection Act.

 

Removable Media

Removable media, such as USB pen drives, provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data. You should be clear about the business need to use removable media and apply appropriate security controls to its use

 

Home and Mobile Working

Train users on the secure use of their mobile devices in the environments they are likely to be working in

 

CONTACT US FOR OUR free INITIAL CYBER RISK BASELINE ASSESSMENT

 contact@cybercsi.co.uk can help! 

 

+44(0)7809683419


Or fill out our contact form.

Our new website goes online

Thanks for visiting our new website! It provides information about us, our services and IT strategies.

Print | Sitemap
© CyberCSI