The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.
Yevhen Zhurer, Head of Sales, Ekran
What for you are three key practices to ensure an agile cybersecurity program?
Prior to an Agile shift, we recommend assessing the existing cybersecurity strategy against the desired result by performing a detailed gap analysis. This involves determining how current cybersecurity processes align with Agile principles and methodologies and what needs to be done for Agile transformation. Regular cybersecurity strategy assessments are crucial to maintain a high level of flexibility and keep up with constantly emerging cybersecurity threats.
Our top three practices are:
How can organizations protect themselves from breaches internally and mitigate risks across supply chains?
Tight interconnection with the supply chains raises the possibility of supply chain attacks, malicious third-party attacks, and inadvertent destructive activity inside organizations. To prevent this, companies need to concentrate on mitigating factors contributing to poor supply chain cybersecurity, which are a lack of visibility over employees and third parties, poor data management, and extensive employee and third-party access rights.
It’s essential to constantly assess cybersecurity risks, understand the supply chain, and know its key components. Additionally, by creating a detailed cybersecurity strategy and a formal cyber supply chain risk management (C-SCRM) program, an organization can coordinate a coherent movement toward managing its internal and supply chain cybersecurity risks.
Organizations should pay special attention to securing business data on multiple layers: from separate applications to the overall infrastructure. Furthermore, establishing proper employee and third-party user activity monitoring is also crucial. Efficient supply chain risk management also involves working collaboratively with suppliers on identifying weak spots in the cybersecurity of each supply chain entity to improve your mutual security.
As we accept a ‘when, not if’ approach to cybersecurity, what for you are the key components of an effective disaster recovery and incident response plan?
When planning an incident response, it’s important to take a multi-tiered approach to secure your organization’s network and assets. Generally, we advise organizations to follow the recommendations of the Computer Security Incident Handling Guide, 800-61 Revision 2 by NIST.
The key universal components of creating an IRP would be:
How have you seen the risk landscape change with work from home and hybrid working?
Working from home made remote security risks and insider threats (both malicious and negligent) more common than before the COVID-19 pandemic. Remote employees often use personal devices, connect to unprotected networks, neglect cybersecurity rules in favor of convenience, and can be easily susceptible to social engineering. These activities make corporate networks more accessible from the outside and therefore open to an outside attack.
To tackle these risks, organizations have to improve their identity and access control capabilities, as well as provide remote users with tools to secure their connections (corporate VPNs, firewalls, devices, credential managers, etc.). It’s also a good idea to monitor and record the activity of all users that connect from outside the protected perimeter. It allows an organization to spot threatening user actions, block them, and collect evidence in time.
Where do you see the biggest cyber security risks on the horizon?
Nowadays, modern technologies allow almost anyone to become a hacker, and this is the biggest cybersecurity risk on the horizon. What organizations can do is to minimize their possible negative impact by implementing a human-centric cybersecurity approach. Though we expect that cyber attackers will use more complicated methods, actually, implementing the best cybersecurity practices can save us from most cyber risks.
Such approaches as zero trust architecture, along with the least privilege approach, and separation of duties, have already proven to be effective in significantly reducing the consequences of any cyber attacks. Implementing modern technologies like artificial intelligence for analyzing user behavior can provide organizations with the necessary transparency and incident detection capabilities.
People who are working in your organization can also be the first line of defense. Conduct employee training on existing and newly arising cybersecurity risks to help your employees prevent attacks from happening.
Tallen will be speaking at our upcoming TPRM: Cross Industry Congress taking place in Atlanta on November 8-9 at Crowne Plaza Atlanta Midtown.