A dependable cyber security framework helps the company bounce back after a hack
By Wynand Gariseb, an experienced IT Governance, Risk and Compliance Consultant/Trainer at Headway Consulting.
In this hyper connected and Internet connected world we are exposed to dangers. Data breaches, hackers stealing identities, phishing, cyber-attacks and large scale online fraud to name a few. We have virus scanners, firewalls and cyber-security guidelines which organisations and employees use and adhere to. Still, organisations are breached despite all of this often resulting in major reputation, business and financial damage.
How quickly they recover demonstrates the true mettle of the organisation, its cyber resilience, if you will. It should bounce back. Ask yourself; “Would your organization have the ability to withstand, respond to, and recover from a cyber-attack or data breach?” The goal of cyber resilience is to maintain the confidentiality, integrity, and availability of data and business operations.
As more and more services move online in Namibia, more data is collected. With the increasing stability of Internet and higher speeds, services that were previously beyond our reach are now accessible. Just think of Netflix, online insurance brokers, banking apps, online payment solutions, and many others.
We are more than willing to give our personal details and simply assume it will be handled carefully, securely and respecting our privacy. Whether we are at work or home, we make this assumption. Individuals are frequently those that are responsible for the breaches (Social Engineering). Even if there’s a cyber security team or robust policy in place at an organisation. Everyone in the company has a role to play. You are equally as responsible for the cyber-security of your organization as the Information Security teams. This goes for the cleaning crew that connects to the company Wi-Fi all the way up to management who bring their own gadgets, devices to work.
Whether the organization is large or small, their responsibility to safeguard information and data is the same. The role of the Information Security team, or the system administrator has traditionally been to prevent and detect cyber-attacks through the use of technical controls. However cyber-attacks have evolved and it’s no longer a question of “will you be attacked?” but “when?” Organizations need to have a greater cyber resilience capability so that they can respond to and recover from these attacks. A full-scale plan should be in place to prevent or counter the aftermath of any type of cyber-attack.
This is why Headway Consulting has teamed up with Peoplecert and axelos product resilia. Headway is accredited on the resilia cyber security framework to help Namibian organizations build capacity and know-how when it comes to cyber-resilience. Corporations, SOE’s and the government need and will by law be required to have safeguards in place or face potential lawsuits, criminal damages and fines if their clients’ data is not protected.
It is only a matter of time before it becomes law here in Namibia as well, so being cyber-resilient will put you ahead of the curve and give you an USP for your clients. Working together with the client to build expertise on cyber-resilience to such and extent that the organization will be certified officially.
Headway Consulting ensures that the employees and the organization are trained and ready to adhere to a responsive cyber security framework:
* It helps and empowers organizations to balance their prevention, detection and correction priorities; their people, process and technology priorities;
* It creates a common language and collaboration across your entire IT and security teams as well as other critical departments. It establishes a framework to define, act on and embed the right processes for effective cyber resilience across the organization;
* It equips your employees with the skills and behaviours they need to make the right decisions at the right time in the face of increasing cyber risks such: Phishing, Social engineering, Online safety, Social media, BYOD (Bring Your Own Device), Removable media, Password safety, Personal information, Information handling, and Remote and mobile working.
These are just a few of the aspects of learning, training and embedding cyber-resilience into an organisation. The benefits are manifold and will certainly lift your business proposition to a higher plane. We teach our kids to be resilient. We tell people to bounce back from adversity, organisations need to do the same by embracing cyber resilience – a cyber-bounce back if you will. It’s not only the cyber-attack we should be focused on, research shows that as many as 75% of all organisations will be attacked in one way or another. So, give your organisation the ability to bounce back and embrace cyber-resilience.
Headway Consulting was started as a proudly Namibian company in 2011 in response to the need for an unbiased Information Technology consultancy firm that can serve corporate Namibia with advice and guidance in a critical part of their business. Headway is an Accredited Training Organisation on COBIT® and ITIL®, which are frameworks for IT Governance and Service Management.