With a new cyber security strategy being pushed by the Australian government and enterprises facing a myriad of threats daily, it is evident that cybersecurity is more than a mere buzzword.
Now, it is recognised as a nation-wide responsibility.
Security professionals must strive to make security an easily digestible and therefore readily adopted task. We have endeavoured to do so by outlining our approach in its most basic form below.
What is the foundation of effective cyber security?
The new Strategy is a Government initiative, but it is clear that with damages of cyber-attacks becoming increasingly personal and at times, debilitating, it is the responsibility of state, territory, local governments, businesses, academia, and the broader community to understand effective cybersecurity.
We thought now is a good time to explain our cyber lifecycle. This outlines how we help customers achieve their desired level of security posture in a cost-effective, strategic, and timely manner.
There’s no one-size-fits-all solution.
While the stages below are listed sequentially, it is not necessary for a client to engage at the initial Assessment phase. As information security professionals with over 20 years of experience, we understand that we need to alter our approach for each distinct client.
What are the 5 stages of the cyber lifecycle?
We focus on a seamless and collaborative approach to the cyber lifecycle as we encounter a variety of clients at different stages of their security journey.
1. Assessment
We conduct a review of the organisation’s processes, policies and technology – this is referred to as a ‘gap analysis’. In order to provide the most value to our clients, we take a step back and review the business as a whole.
In this stage, we look at the actual performance of the organisation’s controls and compare it with the desired or potential level of performance. This comparison is made in line with internationally accepted security standards and legislation such as ISO 27001, NIST, ASD-ISM and PCI-DSS.
Note: there is no use dismantling your current infrastructure in exchange for a completely new system – this is an unproductive and costly mindset. Our gap analysis service enables an organisation to make the best use of their current resources and maximises the potential of their current IT projects and investments.
2. Defining a Security Strategy
Following on from this review, we are better able to define a security strategy, ensuring it ultimately aligns with business continuity. This revolves around balancing security with overall business objectives. Our specialists look at tactical goals and the small wins that will not only uplift security posture but will drive the business’ vision.
A strong security strategy does not prioritise security at the expense of productivity. We measure the security potential of the existing resources and skills an organisation has, prioritise which steps to take to ensure that we meet the target state, and create a plan based on protection of assets.
3. Developing a Framework
In this stage, we look at the organisation’s ability to meet a variety of regulatory frameworks and data protection standards. For example, we largely look at ensuring clients’ compliance with ISO 27001, the Privacy Act, the ASD Essential 8, the NIST framework, APRA CPS 234 and GDPR.
Again, this is based on the nature of the organisation and the compliance requirements that it necessitates. From here, we are able to work towards protecting enterprises from any liabilities that may accompany data breaches and other security incidents.
4. Implementing Controls
We implement security controls that will provide the most value for our clients in terms of cost and security uplift. If we are engaging with a client in these later stages of the lifecycle, we always strive to ensure any security controls that we look to implement integrate well with their existing architecture.
Controls may include a combination of firewalls, intrusion prevention systems (IPS), security information and event management (SIEM) platforms, security operations centres (SOCs), endpoint detection solutions, vulnerability management, security awareness training and much more.
5. Auditing and Review
In order to successfully implement a cybersecurity strategy, or information security management system (ISMS), it is essential to carry out a systematic review of the implemented strategy and controls.
This phase may include a combination of vulnerability research specific to the client, penetration testing of a variety of environments, technical audits, examination of incident response (IR) plans and capabilities, threat hunting and supplier audits. We take a holistic stance on auditing, and during our supplier audits we strive to provide an understanding of the inherent risks that come with third-party business relationships.
The cyber security lifecycle exists as an iterative process
Our hope is that the above stages delineate our cyber lifecycle in an accessible manner. Cyber security is an established part of our daily lives and must be a widely understood topic in order for the fight against cyber crime to be successful.
The main takeaway here is that cyber security is a continual and proactive process. It is not necessarily a state to be achieved, but rather a status to be upheld. In enterprise settings, regular auditing is required to evaluate whether security standards are being met and controls are working effectively.
For individuals looking to improve their security capabilities, continual awareness must be maintained. Start with the basics – the ACSC has resources to show you how to stay smart online. Together, government, community and the cyber security industry can help keep Australia safe!