Cybersecurity strategy: why a holistic approach is the only way to keep attackers out of your network

Cybercriminals continue to target organisations of all sizes, finding even the smallest gaps and cracks to slide through. They’re persistent, well-funded, and sophisticated, and they don’t stop until they find a way in. This is why businesses need to understand all the potential entry points for cyber attackers and create a holistic cybersecurity strategy that leaves no door open.

A recent Forrester report highlights the need for a holistic view of risk as it is the only way to adequately prepare for such events and mitigate potential damage.

It may seem obvious to say an organisation needs to plug every potential weakness, but there are so many areas that get overlooked. Think of something as ubiquitous as a printer. Most printers in the office are connected to the internet, yet businesses don’t really consider this when forming a cybersecurity strategy.

Common sense says you should lock down printer access but what features and functionality is your organisation willing to sacrifice in the name of cybersecurity? Most employees need mobile and wireless access to printers so there needs to be some degree of connectivity. The trick is finding the balance between security and usability; and this goes for all parts of organisational infrastructure, printers is just one small part.

There are four key questions to ask to determine your organisation’s security strategy:

  1. What is your risk appetite?

Before deciding on a strategy, you need to understand what outages you’re prepared to accept, what level of negative media attention you can withstand before it affects the business, and whether there is confidential or private data on the network (and, if so, how valuable it is to the business).

  1. What are the real threats this attack surface presents?

Even something as seemingly-innocuous as a printer can leave an organisation wide open to significant threats. Compromising the printer network lets attackers control and monitor the corporate network. They can see all documents printed, explore and identify other weaknesses in the network, create an internal denial of service attack and make it difficult to troubleshoot.

  1. What are the potential consequences of an attack via this entry point?

The consequences of an attack will vary depending on the business but can include disruption to normal operations, confidential data leakage, and privacy infringements. In turn this can lead to fines under the Privacy Act and reputation damage, particularly if the attacker uses your network to attack others.

  1. How likely is an attack?

The likelihood of an attack depends on how open the network is to the outside world and the level of interest in the business itself. Some businesses are less likely to be attacked than others, depending on things like their own profile in the industry or the businesses they partner with.

It’s important to get an internal business risk team to drive the risk assessment so the entire business has a clear idea of how important this is. The next step is to consider what controls you should implement to protect the business. It’s important to maintain variety in the right combinations. You should implement a combination of preventative and detective controls together and make sure you have a response plan that is approved, understood, and tested.

If you would like to know how Aleron can help with your holistic cybersecurity strategy, don’t hesitate to get in touch.

 

1 https://www.forrester.com/report/The+Forrester+Wave+Governance+Risk+And+Compliance+Platforms+Q1+2016/-/E-RES117977?objectid=RES117977