Panzer IT Cyber Security framework

Essential Cyber Security Steps for Organizations

Posted on by Panzer IT

Objective:

To define required cyber security in organization, one need to consider compliance & actual necessities. Compliance can be GDPR, DPDP, RBI, SEBI, IRDA, AICTE/UGC etc.

Both requires data protection from internal and external threats + assets protection.

More or less all cyber security framework suggests following steps:

  1. Prepare: Define and implement comprehensive Cyber Security Framework. Define roles and responsibilities.
  2. Identify: Understand compliance, requirements, problem areas and its solutions.
  3. Protect: Implement solutions to protect digital assets.
  4. Detect: In case of breach, identify impact, detect problem area.
  5. Respond: On detection, how organization will respond to prevent any breach – define roles and solutions.
  6. Recover: In case of breach, how organization will restore operations & prevent misuse of breach.
  7. Report: Methods and tools to report to authority

Line of Defence:

  1. CISO / Cyber Security Manager
  2. Centrally Managed, Centralised Data Repository
  3. Data Backup and Disaster Recovery
  4. Firewall and VPN
  5. VAPT
  6. Data Leak Prevention, Encryption
  7. Identity Management, Access Management, ZTNA
  8. Anti Malware (with EDR/XDR/MDR)
  9. Asset Management, Patch Management, MDM
  10. Anti Phishing Simulation & Cyber Security Training

1. CISO

  1. Need to prepare all documents based on above 07 points, budgeting, testing, implementation, management and take responsibility.
  2. Organization chart based on department / project wise required access
  3. Organization needs to define CISO’s roles and responsibilities to ensure that cyber security concerns are adequately managed.

2. Centralised Control:

  1. First step is to have all licensed & updated software, AD / centralised management, structured networking.
  2. Implement centralised data storage or data centre
  3. All crucial data must be stored on central data unit only
  4. Specify data access rights based on department, user hierarchy
  5. Consolidated information on all employees, each IT asset, roles, data type, access rights & more

3. Backup & DR:

  1. One of the most important assets organizations have, is Data. In worst case scenario, data is inaccessible, data backup & DR is must. 
  2. Define RPO (Recovery Point Objective) and RTO (Recovery Time Objective)
  3. 1-2-3 rule. Working data on PC/Servers, first copy on NAS (faster accessibility), 2nd copy on cloud / another location isolated from original location.
  4. High-end solutions provide active-passive or active-active DR : if main server is down – immediately DR server will be up automatically and users may not even feel this switch-over.
  5. Make sure that your NAS or Cloud is not being accessed by multiple users, via multiple applications and ports are not open.

4. Firewall:

  1. Implement reputed firewall, define proper rules.
  2. Implement VPN for interbranch communication or remote access

5. Vulnerability analysis and penetration testing

  1. Robust VAPT is important line of defense
  2. This will remove most of possibilities against being hacked or attacked by ransomware etc
  3. If Organization performs regular VAPT mainly for its servers, firewall, switches, Apps etc; then one is safe from outside attacks up to 95%
  4. Also review of current configuration, switches, firewall, VAPT etc is inevitable

6. Data Leak Prevention & Encryption:

  1. Reiterating, Data is one of most important assets for any organization. If vital data is in wrong hand, this can cause huge losses to the organization.
  2. Data can be leaked by employees (for future usage or sell to competition) or by hackers which will be misused.
  3. Finance data, source code, contracts, database all are important & personal assets for organization created over many years by huge investments.
  4. Start with data discovery and classification in all endpoints and servers.
  5. Include data encryption solution
  6. DLP is going to be compulsory compliance for every organization under DPDP.

7. Identity Management, Access Management, ZTNA

  1. Protects information from unauthorized users and unauthorised access
  2. Organization needs a way to control what users can and can’t access so that sensitive data and functions are restricted to only the people and things that need to work with them.
  3. Centralised User name, password policies.
  4. Give access to emails, databases, data, and applications to authorised people only integrated with MFA, specific device, time/duration etc.
  5. Define rights to edit, copy, read.
  6. This will also help, when-how user took access and what action he took on data.
  7. Protects data from cyber threats. Helps prevent identity-based attacks and data breaches
  8. Zero Trust Network Access (ZTNA) also important tool to restrict unauthorised users or device accessing organization network.

8. Endpoint Security – Anti Malware – EDR, XDR, MDR:

  1. Simple Antivirus or endpoint security are no more capable preventing against latest threats including malware
  2. Virus and antivirus is out-dated. Anti-Malware / APT / XDR are latest technology and effective.

9. ITSM, Asset Management, Ticketing, Asset Management, Patch Management, MDM

  1. Collect information about every IT asset, software across organization.
  2. Install only authorised software. Keep track of licenses.
  3. Implement latest patches
  4. Check system performance, IT support, requirements, and many things from single solution
  5. Manage all devices from single console

10. Anti Phishing Simulation & Cyber Security Training:

  1. Avoid unintentional mistakes which can lead to data loss and cyber attacks
  2. Multiple security measures require understanding & training of employees too, as sometimes security measures may restrict smooth access to users as they used to.

Finally organization would require SIEM to administer all logs and manage all solutions from single console and gather logs etc + Security Operation Centre (SOC).

Overall Cyber Security require assurance, governance, risk management, compliance & information security. This is backed by data and assets availability (DR) which sometimes includes backup premise and backup manpower.  

References:


Cyber Security Solutions

Email: Sales@PanzerIT.com; Ph: +91 90046 55099 Web: PanzerIT.com 
Navi Mumbai | Delhi NCR, Noida

#Scopd #Mirobase #Netand #Somansa #Falcongaze #SecureTower #SecPoint #Emsisoft #Vembu #Acronis #Varonis #Netop #Impero #DLP #Employee Monitoring #User Behavior Analysis #Anti Malware #Backup & Disaster Recovery #Data Backup #Disaster Recovery #VAPT #Firewall #Vulnerability Scanner #Penetration Testing #Risk Management #Threat Analysis #Insider Threats #Compliance #IAM #PAM #EDR #MDR #Cyber Security #Server Security #Network Security #Cloud #Malware #Ransomware

1 thought on “Essential Cyber Security Steps for Organizations

  1. Pingback: Understanding Ransomware: Protecting Your Data in the Digital Age – Panzer IT – Make 'IT' Secure

Leave a Reply

Your email address will not be published. Required fields are marked *