Your IndustryOct 19 2016

Eight steps to cyber security

twitter-iconfacebook-iconlinkedin-iconmail-iconprint-icon
Search supported by
Eight steps to cyber security

Business bosses should implement a framework that guards against the threat of internal data security breaches according to the head of a cyber technology firm.

Employees can compromise sensitive data – be it maliciously or completely unintentionally – but Jamie Graves, chief executive of cyber security company ZoneFox, says there are eight steps employers can take to mitigate the risk.

The first step is to work with human resources to purchase safeguards against the hazard – also known as insider threat.

On the second step, Mr Graves said: “Ensure that there are ample security policies and/or employee agreements that back up any actions that may have to take place due to insider threat activity. For example, acceptable use policies, information security policies, and privacy policies.”

The third step requires bosses to quickly respond to an insider threat and attempt to establish whether or not the breach was intentional. A user deliberately attempting to steal data should be handled differently to one who downloads malware accidentally, Mr Graves said.

The fourth step centres on prioritising the breaches based on the value of the compromised information assets, the privilege level of the user, and the action being taken.

The fifth step is to devise a plan based on priority level, established processes, and HR agreements, while step six requires bosses to put the plan in action. This may include the reduction or removal of user privileges on high assets, or confiscation of company assets in the perpetrator’s possession.

Gathering more information is the seventh step. Mr Graves said: “Once you have acted to contain the threat, it is imperative to understand when the activity may have started, if there is more than one party involved, any tools, techniques and procedures put to use, and what the intended target was (if it was intentional).

“Data is your friend here, and hunting for any and all activities pertaining to this threat in your environment is paramount to getting to the bottom of things. But remember to be discreet.”

Mr Graves said the eighth and final step is to have a post-mortem with HR to develop a more robust process to stave off insider threats or to mitigate the impact of future incidents.

He added: “Remember, data is your friend, so have a robust user behaviour analytics engine running behind an endpoint monitoring solution.”

Adviser view

Neil Liversidge, managing director at West Yorkshire-based West Riding Personal Financial Solutions, said: “We have always been hyper-aware of the importance of cyber security, so when criminals hacked and cloned a client’s email account we picked it up before the client herself even realised there was a problem.

"This enabled us to ‘draw in’ those responsible, leading to an arrest. Considering that many highly intelligent and qualified individuals have been duped into handing over astronomical sums, this should make every adviser aware that cyber security is absolutely as important as physical security. 

"We have a rule requiring dual-oversight of any payments we authorise. Our guard has to be up on the cyber front 24/7.”