Cybersecurity has few, if any, one-size-fits-all solutions. Each organisation is unique, as are its needs and goals. Although risks impact every enterprise, the ways in which they are affected are different, as is the way in which they develop and deliver their Cybersecurity Strategy.
Cybersecurity strategy can be developed at a high level, or with additional detail included in the strategy implementation plan. Both high level and detailed versions should address the unique needs of the organisation.
When developing a cybersecurity strategy, some of the key questions business managers, owners and directors should consider include:
Do we have the expertise to manage our cyber risks?
What cyber expertise do we require, and what do we have?
What is our plan to develop or source the skills that we need?
What cybersecurity work should we keep in-house and what should we outsource? Is specialist assistance required on an ad hoc or temporary basis?
As a business manager, owner or director, do I possess the right level of proficiency to be accountable for the cybersecurity decisions that I make? If not, how do I address this?
What training do we have in place for staff on our security policies and cyber threats, to ensure we have, or are developing, a healthy cybersecurity culture?
How do we align cybersecurity with business goals?
Will this strategy help us to understand the likely investment required to manage our cybersecurity risks over the next 3 years?
Incident Response - “By failing to prepare, you are preparing to fail”
The saying “By failing to prepare, you are preparing to fail” is attributed to Benjamin Franklin. If he were around today, we’d consider asking him to endorse our Incident Response Execution Pack.
The key elements of our Incident Response Execution Pack are:
• Assess your current state of Incident Response readiness
• Review your existing Incident Response information, plan, templates and guidelines
• Identify any gaps and areas of concern
• Review current roles and responsibilities
Prepare and Deliver Phase
• Walk your team through an Incident Response scenario using a sample playbook
• Assist in formalising the appropriate roles and responsibilities to handle incidents
• Present and discuss suitable Incident Response supporting documentation
• Formalise 19 tailor-made playbooks – branded and customised to follow your organisation’s structure
• Formalise tailor-made supporting forms – branded and customised
The benefit of having a comprehensive IR plan (including a bespoke set of playbooks) is that you can improve the speed and effectiveness of your team in dealing with a real-life incident. Our Incident Response experts can assist an organisation to develop an IR plan, or refresh the key components of an existing one.
To ensure the IR plan execution steps are clearly understood, we can formalise the “war room” structure, walk through an IR scenario using a sample playbook, and prepare suitable supporting IR documentation, including a library of 18+ IR playbooks.
Contact Mike Conboy if you would like to book a session to take a closer look at the Incident Response Execution Pack.
Policy Management as a Service (PMaaS) - Premium version available end of September
Following on from the successful launch of the PMaaS Essentials version, we are pleased to announce the release of the Premium version. Two examples of new enhancements delivered in PMaaS Premium are the Onscreen Policy Signing option and the Insite Compliance Reporting module.
Onscreen Policy Signing allows a user to acknowledge that they have read and understood a policy onscreen simply by ticking the acceptance box. Each user can view their own My Policies Page to see which policies they have read and accepted and which they have not. Any ongoing requests for your enrolled users to review a new or updated policy can be delivered via the included Reminder Service and are also reflected on each enrolled user’s My Policies Page.
User acceptance of each policy is recorded in PMaaS Premium and can be reported on. The Insite Compliance Reporting module is designed to give your nominated managers or team leaders good visibility of a range of metrics on user engagement with the policy content, covering:
• Total number of policies accepted
• Number of policies accepted by type
• Number of policies accepted by user type
• Policies still to be accepted
• % accepted vs not accepted
And more.
PMaaS - VPDSS Alignment option for Essentials and Premium versions
• Alignment Matrix - cross-references statements within PMaaS that are aligned to the 90+ Elements of the 12 Standards documented in the VPDSS Implementation Guidance
• Primary Sources Handbook - provides a quick way to access the specific and relevant excerpts of the 25+ VPDSS Primary Sources listed in the VPDSS Implementation Guidance
• 1 Day Remote Workshop - our consultant works through an exercise to align the current policy statement wording with the VPDSS Implementation Guidance. Any wording changes required are recorded by the consultant and then applied to the customer’s Policy System (PMaaS or on-site versions).
In July the Australian Cyber Security Centre (ACSC) released an updated version of the Essential Eight Maturity Model (E8). In the new release it defines four maturity levels (Maturity Level Zero through to Maturity Level Three) to assist organisations with their implementation of the Essential Eight.
Kaon Security will be updating the policy mapping options of Policy Management as a Service and the IT Policy System to cater for Maturity Levels 2 and 3 of the updated E8. We expect most of our current customers will initially use the Level 2 maturity settings.
Delivery of this new content is scheduled for early November. In the interim we will provide information on the impact of the changes being introduced with regard to policy statement wording, for review by our customers who are currently mapped to ASD.
ACSC has released its Annual Cyber Threat Report. In summary, it states that cybercrime reports have increased nearly 13% compared to the prior financial year, and a greater number of incidents in the 12-month reporting period have been classified as ‘substantial’ in impact. ACSC believes this change is a result of increased reporting of cyber attacks on larger organisations and the observed impact of those attacks.