101 Cyber Security Primer, if you are an absolute beginner in Cyber Security for your organisation then please start here.
When starting out in Cyber security you must ensure that the steps you take will provide the best “Bang for Buck”, to do this means avoiding the hype and wrestling control back from the marketing departments of each software vendor bombarding you with “solutions” that will solve your Cyber Security challenges.
The Australian Cyber Security Centre has a set of recommendations known as the Australian Signals Directorate Essential Eight security controls, performing these 8 mitigations reduces your risk of cyber attack by 85%.
Before you start use the assessment tool below and identify your strengths and weaknesses.
With the assessment tool, you can:
- identify the cyber security strengths of your business
- understand areas where your business can improve
- know how to improve your cyber security and where to find help
There is a lot to be done at the starter level but knowing what you can do to get off the ground is critical to improving your Cyber Resilience.
At the level of maturity my example organisation is at, there is a lot that can be done to give the company some piece of mind and reducing their risks.
Critical from this list (yours will be different):
- Ensure your devices are patched and up to date, patching ensures that any known vulnerabilities are mitigated.
- Use Multi Factor Authentication (MFA) for your devices and systems. MFA ensures that even if a hacker has a password, they still can not access your system because they require the MFA One Time Password as well and as it is random, it will never be ‘known’.
- Backup your data and have it stored in more than one location on more than one storage type.
- Put controls on what software can be installed on your company assets.
The above is a good starting point, by applying these 4 things you have now improved your Cyber Security maturity.
Some of the above can be done with Microsoft tools for Windows devices and with som explaining about where and how your users access the data they need for their jobs.