How to Protect your Organization from Cyber Attacks?

The article explores a summary view of the key tips, that can assist you to protect your organization from Cyber Attacks.

TECHNOLOGY

1. Backup Solution - Adequate, Offline, and Online.
2. Firewalling - Network, Application, WAF
3. Antivirus/ Antimalware with behavioral detection.
4. Security Hardening & Right Technology Configuration
5. Security solutions for monitoring and Response
6. Email & Web Filtering, Data Leakage Prevention (DLP)
7. Mobile security solution
8. Restricted download & removable media
9. Identity and Access Management, including PAM
10. Technology for threat intelligence collection, correlation
11. Effective SIEM with right use cases and IOC configuration.
12. DoS / DDoS protection technology/ service.
13. File Integrity/Change Monitoring Solution
14. Right level of logging and alerting with correlation
15. Encryption & Key Management
16. Secure Managed File Transferring mechanism
17. Sandboxing, APT Protection
18. Logical/ Physical segmentation of networks/ Systems.
19. Technology for timely and consistent patching
20. Wireless Access Control

PEOPLE

1. Right Information Security/ Cyber Security Organization Structure.
2. CISO and Information Security Team with authority, total visibility, and control
3. Executive management visible support and buy-in.
4. A focused approach to security monitoring and threat intelligence.
5. Continuous security awareness among the users, technologists, and management.
6. Automated controls to support the user to follow policies
7. Rewarding scheme for vigilant and security conscious user behavior
8. Simplified and different channel of communication
9. Business relevant and user relevant messages
10. Refined, simplified and supportive security process with business enablement.

PROCESS

1. Information Security/Cyber Security Strategy & Plans
2. Policy and Procedure Framework covering all domains
3. Inventory of Services, Processes, and Assets (including Information)
4. Scheduled and Ongoing Risk Assessment
5. Security embedded business and technology processes.
6. Multiple levels of defense.
7. Secure access provisioning, change, review, and deprovisioning
8. “Need to have” & “Need to Know” basis access provisioning.
9. Least privilege principles in providing controlled/ monitored access rights.
10. Scenario planning
11. Incident Response & Management process.
12. Correlated and centralized threat intelligence collection and distribution.
13. Regular, Timely and Comprehensive patching process.
14. Effective backup, restoration process
15. Service, Process, Asset, Data, Identification, and Classification.
16. Control of data and its handling across the organization.
17. Business/ IT Service Continuity Plans.
18. Effective Incident Response, Crisis Management and Communication Plans.
19. Change/Release Management process
20. Vulnerability Assessment and Penetration Testing process

About the Author

Illyas Kooliyankal is a well-known Cyber Security Expert, currently working as the CISO at a prominent bank in UAE and serving as Vice President of ISC2 (UAE Chapter). He has won many international awards, including the IDC Middle East CISO Award, ECCouncil (USA) Global CISO Award (Runner-Up), ISACA CISO, and Emirates Airlines CISM Award. He is a well-received keynote speaker at many international conferences in the USA, UK, Singapore, Dubai, etc.