Consider for a second that you are China, in the 7th century BC, and you are constantly invaded by a barbarian neighbouring state. What do you do to be secure? You build a Great Wall!
This example will demonstrate the various steps to help you create a proper cyberdefence strategy to keep cybercriminals out of your business.
What are you protecting?
The most underestimated portion of a plan is the survey. Before you build anything, you must know the landscape. In your company, that’s your data and services. What are the datasets that you need to keep the lights on? What could cripple your reputation if it was stolen? Not all data is equal. Hence, not everything is worth saving.
In medieval times, the emperor’s riches were not out in the hamlet’s street outside the fortress, they were hidden behind layers and layers of security.
You must start creating a map of your data, with layers upon layers of protection. As the data increases in criticality, so must the cyberdefences.
Who are your enemies? Who would want to bully you?
Before you start drafting your plan and constructing your defences, you must know who you are protecting yourself against. Cybercriminals are the 21st century equivalent of high school bullies. They have technological superiority, are larger in numbers, and they will take what they want from you. Usually, that is one of two things: data or your money. They will stop at nothing to get what they want, even if that means killing your company.
Do you know how to recognise them?
To spot them, you, your executive team and eventually your staff will need to have a cybersecurity mindset. You will need to be aware of the various threats and have deployed mitigation at various levels. You will not want someone who vaguely looks like an IT technician to have access to your CFO’s computer for an hour alone because proper checks were not done.
Training will need to be taken seriously, and it starts with you, the founder.
How do you layer defences to ensure they don’t get to what is most precious?
Now that you have identified, sorted and classified the data and services that you need to run your services, you know what to prioritise and what requires the most defences.
Here are two concepts that will be used as cornerstones for your design:
- Zero Trust Architecture
- Enclave data protection
Zero Trust Architecture involves a set of rules that will ensure that you will not let anyone in without proper validation. You will assume there is a breach. You will reduce privileges to their minimum and activate them only as needed, and you will make sure that devices connecting to your data are protected and monitored.
Enclave is all about aligning your data’s sensitivity with your cybersecurity requirements. For example, to download a public document, no authentication is required, but to access your CRM, containing all your customers’ data, you will require a username, password, an extra factor of authentication, and to be in the office. You will not be able to download the data. Two different sensitivities, two experiences.
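The two-sensitivity example above, written as a default-deny access decision. This is an added illustration, not code from the article; the tier names, resource names and office network range are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed value: a documentation-only range standing in for the office network.
OFFICE_NETWORKS = [ip_network("203.0.113.0/24")]

# Hypothetical tiers: the more sensitive the data, the more conditions apply.
POLICY = {
    "public": {"auth": False, "mfa": False, "managed_device": False,
               "office": False, "actions": {"view", "download"}},
    "restricted": {"auth": True, "mfa": True, "managed_device": True,
                   "office": True, "actions": {"view"}},  # no download
}
# Hypothetical classification map produced by the data survey.
RESOURCES = {"brochure.pdf": "public", "crm": "restricted"}

@dataclass
class Request:
    resource: str
    action: str
    source_ip: str
    authenticated: bool = False
    mfa_passed: bool = False
    device_managed: bool = False

def decide(req):
    """Return (allowed, reason). Anything not explicitly allowed is denied."""
    tier = RESOURCES.get(req.resource)
    if tier is None:
        return False, "unclassified resource"  # unmapped data is never served
    rule = POLICY[tier]
    if req.action not in rule["actions"]:
        return False, f"{req.action} not permitted for {tier} data"
    if rule["auth"] and not req.authenticated:
        return False, "authentication required"
    if rule["mfa"] and not req.mfa_passed:
        return False, "second factor required"
    if rule["managed_device"] and not req.device_managed:
        return False, "unmanaged device"
    in_office = any(ip_address(req.source_ip) in net for net in OFFICE_NETWORKS)
    if rule["office"] and not in_office:
        return False, "outside office network"
    return True, "ok"
```

Every denial returns a reason, so refused requests can be logged and reviewed as part of the event analysis described in the next section.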
You’ve built your wall, but have you tested it?
Completing construction is only the beginning of the journey, not the end. You will now need to keep the strategy alive. Events will come up and will need to be analysed. Is it a threat? Is it an attack or is it normal behaviour?
Watching during business hours is fine, but your 2 o’clock in the morning is someone else’s 2 o’clock in the afternoon. They will not stop attacking you because it’s a civic holiday or a long weekend. That is their favoured time – when they have the most time to collect everything they want and cause the most damage.
You will also need to investigate configuration audits, so you can see how much of a gap has occurred in the last year. What changed? And most importantly, did it open a potential breach?
You will also want teams running intrusion tests at least once a year and plan some budgets ahead. If they find something, you will want it remediated before a cybercriminal uses it against your company.
If there is a breach, are you ready?
The leadership team is the compass for the rest of the company – their north star.
To make the right decision during a crisis, you must be prepared to face it. And how do you make sure that you’re not affected by all the adrenaline and stress caused by such an event? Practice.
I am not saying that you must restore all your company’s backups every weekend. I am saying that once a month, the company executives should run through the plan.
Here are a few examples that should be rehearsed:
- Do you have a case with everything that you need in case of an event?
  - Credit cards
  - Disconnected laptop
  - Contact lists of shareholders, managers, employees, customers and subcontractors
  - IT architecture documentation, with licence numbers and software sources
- Do they have access to the backups (and the software to restore them)?
- Do you have a list of your cybersecurity event contacts? For example:
  - Lawyer
  - Public relations
  - Breach coach
  - Insurance broker and contract number
In other words, if your world goes out in flames, you know how to recover.
Your enemy is evolving: how do your defences hold up?
Most plans that were designed and rehearsed five years ago are now full of holes. The advent of AI and quantum computing is creating even more holes.
Those plans need to adapt, they need to evolve. As attacks get to be more and more sophisticated, so must our defences.
Building a SECURE, customised plan
In order to create an appropriate plan to defend your business against cybercriminals, you must:
- Survey: your data and services landscape, prioritise what is needed
- Educate: yourself, your management team and then your staff
- Construct: Put emphasis on foundational tools. You do not need the million-dollar speciality systems if your desktops are not being updated. Start with the basics
- Unify: Make sure that your cybersecurity percolates to all your processes, people and technologies
- Review: Annual audits and penetration testing will help you manage risk. Make sure that their findings are addressed
- Evolve: because life is not static, neither should your cybersecurity plan
Strong cybersecurity involves building walls, but starts with knowing what you’re protecting, who from, and staying ready for what’s next. The advice above will enable you to do that.
René-Sylvain Bédard is a cybersecurity expert and founder of Indominus Managed Security.