10 ways to protect your business from cyber crime
The National Cyber Security Centre recommends the regime below to help protect your business against most cyber attacks. They’ve published the following as guidance on how organisations can protect themselves in cyberspace.
Protect your networks from attack. Defend the network perimeter, filter out unauthorised access and malicious content. Monitor and test security controls.
User education and awareness
Produce user security policies covering acceptable and secure use of your systems. Include staff training. Maintain awareness of cyber risks.
Produce relevant policies and establish anti-malware defences across your organisation.
Removable media controls
Produce a policy to control all access to removable media. Limit media types and use. Scan all media for malware before importing onto the corporate system.
Apply security patches and ensure the secure configuration of all systems is maintained. Create a system inventory and define a baseline build for all devices.
Managing user privileges
Establish effective management processes and limit the number of privileged accounts. Limit user privileges and monitor activity. Control access to activity and audit logs.
Establish an incident response and disaster recovery capability. Test your incident management plans. Provide specialist training. Report criminal incidents to law enforcement.
Establish a monitoring strategy and produce supporting policies. Continuously monitor all systems and networks. Analyse logs for unusual activity that could indicate an attack.
Home and mobile working
Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline and build to all devices. Protect data both in transit and at rest.
Set up your Risk Management Regime
Assess the risks to your organisation’s information and system with the same vigour you would for legal, regulatory, financial or operational risks. To achieve this, embed a Risk Management Regime across your organisation, supported by the Board and senior managers.
For more information visit: www.ncsc.gov.uk