Cyber Security: The Right Frame of Mind

The Basics: Essential 8 Strategies for mitigating Cyber Security Incidents

The Australian Signals Directorate (ASD) identified and prioritized 27 strategies for mitigating cyber security incidents. However, the ASD categorized 8 out of these 27 as absolute must haves for any modern organization and is your bare minimum baseline for your cyber protection framework.

While not strictly a cyber security framework, these mitigation strategies help organizations minimize risks and protect themselves from targeted cyber intrusions, Ransomware/external adversaries and malicious internal threats looking to either steal or destroy data.

The prioritization of these strategies has been based on their relative effectiveness and lined up in a simple table with an indication of costs and likely level of end user disruption or resistance.

Although this list may appear overwhelming at first glance, it's purposefully superfluous.

The aim is to sit down with your IT team and discuss what may or may not be relevant to your organization and then road map the implementation of strategies deemed necessary based on the priorities given.

You can find more information on that here: https://www.cyber.gov.au/acsc/view-all-content/publications/strategies-mitigate-cyber-security-incidents

The Intermediate: ISO 27001

Being ISO 27001 certified is becoming an essential requirement particularly within the AEC (architecture, engineering and construction) and manufacturing industries, but also many others.

This framework is recognized globally as a very high standard for cyber compliance and worth your time to at the very least, review before implementing throughout your business.

However, it can be overwhelming if you’re not cyber-savvy. We can take the load off you as our experts are highly trained in helping businesses become ISO 27001 compliant.

Defence Industry Security Program (DISP)

If you are engaging with customers within, or supporting, the Australian defense supply chain, DISP helps businesses understand and meet necessary security requirements.

However, if you’re not within those industries, DISP is still becoming a nationally recognized and highly regarded protocol when it comes to business safety online.

The DISP process is intricate, time consuming and can be difficult to understand. Here at Waterston’s Australia, we’ve got the technical understanding to help you through this process.

Identifying Risk & Creating A Plan

Leave risk identification to the pro’s.

Identifying risks can be a tricky task, especially when you have no idea where to start. Any good cyber security specialist will spend time within your business, understanding your processes, your systems and most importantly; your vulnerabilities.

Once a thorough review is complete, your specialist will discuss will book in a time to talk through your vulnerabilities and where the business is lacking in vital protection.

After these checks are completed, a roadmap to protection will be created bespoke for the business to ensure all your bases and covered and maintained.

This could range from simply setting up your staff with MFA (multi-factor authentication) or a complete overhaul of your business.

But don’t worry, we’ll work with you through every step. This process will entail a roadmap and frameworks to support the business, provide a long-lasting, low maintenance solution to a rapidly and ever-growing issue of cyber threats.

Conclusion

The Essential 8, is absolutely your starting off point for any business on your cyber security journey. If you want to take the next step, ISO 27001 might be right for your business.

If you’re still unsure where to turn or what’s right for your business, don’t hesitate to get in touch as our dedicated team can get you on the right path.

 Have a question or need advice?

Please complete the short contact form below to send a message to our team and one of our consultants will get back to you within 24 hours. Thanks.