Unhackable. Unbreakable. 100% secure. In cybersecurity, there is no such thing. Bound Planet will never provide such a guarantee. No one can. We must operate assuming that our networks have already been breached or will be at some point.
If that is our mindset, what is important?
To begin, we need an understanding. Context, asset inventory, assessment, organizational risks, governance, and other inputs set the stage for developing a strategy to meet our goals, whether that means a compliance initiative or arriving at reasonable cybersecurity.
Given our baseline and people, process, and technology footprint, what reasonable protections apply? Have protections been put in place that address specific threats such as social engineering, ransomware, and others? Are we following industry best practices or implementing protections to support compliance? Are we providing our people with tools to ensure continuous cybersecurity protection?
How can you determine whether an incident or breach has occurred? Are you monitoring systems for anomalies and events? Factor in on-premises, cloud, and remote work: are these functions enabled across the entire technology footprint?
The Respond function becomes critical if we operate with an unavoidable-breach mindset. When an event occurs, do we have an incident response plan? Has our plan been regularly tested so we are prepared? Who is part of the incident response team? How do we collect evidence and document the incident? Does our plan include response, mitigation, reporting, recovery, remediation, and lessons learned?
How can we return to normal business operation? Do our backups support our recovery point objectives (RPO)? What if we had a function or process failure? Have we established a recovery time objective (RTO) that has been communicated to key stakeholders, and do our systems support that RTO? Further, in the event of a system compromise, are our backup functions kept separate?
What does this all mean?
• Adopt an assumed breach mentality and put effort into Respond and Recover functions.
• Aim for a comprehensive approach to cybersecurity. Prevent what we can; prepare for what we can’t prevent.
• Ensure you have the right people in place to support cyber program success.
• Ensure the people who make your business a success are set up for success themselves.
• Don’t assume that your IT staff or managed services provider has complete visibility into, and management capability over, cyber functions.
At Bound Planet, we believe that cybersecurity plays a critical role in business success. We assist by helping businesses understand risk, identify weaknesses, test, implement practices, and build comprehensive cybersecurity programs.