
Know your vulnerabilities as cyber attacks continue


Key to overcoming cyber security threats is identifying your vulnerabilities, says Nick Denning of Policy Monitor. “The variety of hacks, digital scams, data breaches and ransomware attacks has continued unabated, and if the biggest organisations are vulnerable, how can smaller organisations hope to stay safe?”

Larger organisations have more cybersecurity experts and resources to help protect them from cyber attacks than SMEs, but having in-house knowledge is only part of the story.

“Research can show ‘what’ the threat might be but not ‘where’ your organisation could be vulnerable,” Denning said. “The good news is that SMEs by their nature are likely to have a smaller attack surface. Therefore, it is potentially easier for an SME to assess risks and to take an inventory of the assets that need protecting and how they may be vulnerable. However, if a business does not have even the basic skills and deployed technologies to access this type of information it can leave huge gaps in its defences, or lead it to invest in the wrong kind of security.”

Every device, resource or service in your ever-expanding IT landscape could carry a risk or vulnerability that leads to a cyber attack, or act as a bridgehead into your environment as a whole. It is therefore important that your organisation not only creates an asset register of physical IT assets, which it may already hold for depreciation purposes, but also extends that register to intangible assets such as software and databases, plus employee devices used for home working or in a BYOD context. A complete asset register lets you assess your vulnerabilities, i.e. the weaknesses in code across all your IT assets that can be exploited to gain access to your data, siphon off funds, inject malware, or block or take control of entire systems and networks.

Take an inventory of ALL your IT assets: Just as it is important to keep a register of your physical assets for accounting and maintenance purposes, effective protection against cyber threats requires an ongoing process of cybersecurity asset identification and management. This has two dimensions. The first is breadth: companies need a register of traditional physical IT assets such as PCs, servers and the growing number of devices used to access systems remotely. Increasingly, organisations also have items connected as part of the Internet of Things, such as medical sensors, fire alarms and smart security devices. You need an inventory of all of these, because together they make up the attack surface of the organisation.

“The second dimension of IT asset management is that these assets can provide a vulnerable entry point and have great value in themselves; they may also be the ultimate targets of cyber-attacks,” Denning continued. “For example, an inadequately protected public application might provide a way in for cyber criminals to download or corrupt your data, or a path to enter your systems and then move on to other targets. Customer data and employee records held in databases can help cyber criminals perpetuate identity theft and financial fraud. If there is a data breach, an organisation can be hit by direct financial fraud, an inability to perform daily business processes, reputational damage, heavy data protection fines from regulators and the cost of forensic investigations.”

The NCSC has recently launched the Cyber Essentials Readiness Tool, which was developed by IASME. It asks organisations a series of questions related to the main Cyber Essentials criteria to help prepare them for certification. The first task is to define what is in scope and what is out of scope for certification.

As the tool says: “Assessment and certification should cover the whole of the IT infrastructure used to perform the business of the applicant, or if necessary, a well-defined and separately managed sub-set.

“The requirements apply to all the devices and software that are within the boundary of the scope and that meet any of these conditions: can accept incoming network connections from untrusted Internet-connected hosts; can establish user-initiated outbound connections to devices via the Internet, or control the flow of data between any of the above devices and the Internet. A scope that does not include end-user devices is not acceptable.”
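The scoping rule quoted above is mechanical enough to apply to an asset register programmatically, which is useful once the register includes the software, databases, BYOD and IoT items the article argues for. The following is an added example, not code from the article, Policy Monitor or the NCSC/IASME tool: it models the three Cyber Essentials conditions as boolean attributes on each asset, splits a register into in-scope and out-of-scope items, enforces the "no end-user devices means not acceptable" rule, and flags assets with no recorded owner. The inventory and all names in it are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Tuple


@dataclass
class Asset:
    """One row of an asset register. Flags mirror the three scope conditions
    quoted from the Cyber Essentials Readiness Tool (modelled as assumptions here)."""
    name: str
    kind: str                                 # "server", "laptop", "database", "iot", ...
    owner: str = ""                           # accountable person or team; "" means unknown
    accepts_untrusted_inbound: bool = False   # condition 1: reachable from untrusted Internet hosts
    user_initiated_outbound: bool = False     # condition 2: users open outbound Internet connections from it
    controls_data_flow: bool = False          # condition 3: mediates traffic between the above and the Internet
    end_user_device: bool = False             # laptops, phones, BYOD equipment


def meets_scope_conditions(asset: Asset) -> bool:
    """In scope if the asset meets ANY of the three conditions."""
    return (asset.accepts_untrusted_inbound
            or asset.user_initiated_outbound
            or asset.controls_data_flow)


def assess_scope(assets: List[Asset]) -> Tuple[List[str], List[str], bool]:
    """Return (in-scope names, out-of-scope names, scope_acceptable).

    scope_acceptable is False when no end-user device falls inside the scope,
    because a scope that excludes end-user devices is not acceptable."""
    in_scope = [a.name for a in assets if meets_scope_conditions(a)]
    out_of_scope = [a.name for a in assets if not meets_scope_conditions(a)]
    scope_acceptable = any(a.end_user_device and meets_scope_conditions(a) for a in assets)
    return in_scope, out_of_scope, scope_acceptable


def register_gaps(assets: List[Asset]) -> List[str]:
    """Names of assets with no recorded owner: nobody is accountable for patching
    them or for deciding whether they belong in scope."""
    return [a.name for a in assets if not a.owner]


# Constructed register: physical, intangible, BYOD and IoT items in one list.
SAMPLE_REGISTER = [
    Asset("web-01", "server", owner="platform", accepts_untrusted_inbound=True),
    Asset("fw-edge", "firewall", owner="network", controls_data_flow=True),
    Asset("laptop-alice", "laptop", owner="alice",
          user_initiated_outbound=True, end_user_device=True),
    # BYOD phone that browses the Internet but was never assigned an owner.
    Asset("byod-phone-bob", "phone", user_initiated_outbound=True, end_user_device=True),
    # Internal-only database: still an asset to protect, but outside this scope rule.
    Asset("db-crm", "database", owner="sales-it"),
    # Isolated IoT device with no recorded Internet path.
    Asset("fire-alarm-panel", "iot", owner="facilities"),
]


if __name__ == "__main__":
    inside, outside, ok = assess_scope(SAMPLE_REGISTER)
    print("in scope:     ", inside)
    print("out of scope: ", outside)
    print("scope acceptable (includes end-user devices):", ok)
    print("assets with no owner:", register_gaps(SAMPLE_REGISTER))
```

Note that "out of scope" here means out of scope for the certification boundary, not unimportant: the internal database is exactly the kind of intangible asset the article says the register must still track.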
