
How do you keep vulnerability management in order?

Posted on: 19 February 2024

In the increasingly technology-driven world, cyber security is vital for both businesses and individuals. A crucial aspect of cyber security is vulnerability management, which involves identifying, prioritizing and fixing vulnerabilities in a system or network. In this blog, we discuss vulnerability management regarding cyber security and highlight its importance in protecting digital assets.

Cyber attackers often target publicly disclosed vulnerabilities to exploit systems and networks. Therefore, timely installation of security updates is crucial, especially for systems accessible via the internet. Prioritizing vulnerabilities, a core part of vulnerability management, is essential so that the most serious vulnerabilities are addressed first, since some may be more difficult to fix than others.

By implementing a robust process for vulnerability management, you are able to gain a deeper understanding of the severity of vulnerabilities and take proactive measures to protect your organization.

What is vulnerability management?

Vulnerability management is the process of identifying, assessing and addressing vulnerabilities in a system or network. This involves several steps, including:

  • Identification: The initial step involves identifying vulnerabilities in the system or network. This can be carried out using vulnerability scanners, network mapping tools and other security software.
  • Prioritization: After identification, vulnerabilities should be ranked according to their severity and potential impact on the system. This process helps prioritize how to address vulnerabilities, with the most critical ones being addressed first.
  • Recovery measures: The next step involves repairing the vulnerabilities. This can be achieved by patching the system, updating software, or implementing additional security measures.
  • Verification: After addressing the vulnerabilities, the system should be tested to ensure that the remedial measures are effective and the vulnerabilities have been adequately resolved.

The vital importance of vulnerability management in securing your digital assets

Vulnerability management is an indispensable part of cyber security for several reasons:

  1. Prevention: By discovering and addressing vulnerabilities, organizations can prevent cyber attacks, protecting sensitive data and preventing financial loss or reputational damage.
  2. Complying with regulations: Many sectors have to comply with regulations and standards related to vulnerability management. An effective vulnerability management program helps organizations meet these requirements.
  3. Proactive approach: Vulnerability management is a proactive cyber security strategy that helps detect and fix vulnerabilities before cyber criminals can exploit them.
  4. Cost-saving: Addressing vulnerabilities in a timely manner can be significantly more cost-effective than dealing with the consequences of a successful cyber attack.

Protecting your systems: essential steps for effective vulnerability management

Ensure regular updates to strengthen cyber security:

  • Maintaining system security requires regular updates. Enabling automatic updates for operating systems and software is practical. You can roll out updates gradually and keep a rollback scenario ready to mitigate any issues caused by problematic updates.
  • Use of managed services, such as a Software as a Service solution from trusted vendors, can reduce the burden of management and ensure that systems are regularly updated.
  • Regularly check the update status of devices, understand when updates may fail and ensure that all systems have a detailed software update strategy.
  • The update strategy should describe how and when updates are applied, who is responsible for implementing and monitoring them, and take into account system availability requirements and relevant dependencies. This should aim to minimize the time before updates are applied.
  • Use software products supported by the vendor and switch to newer products as the end of the support period of older products approaches to avoid any security risks from unsupported products.

Best practices for developing an effective vulnerability management process

  • Define the scope: Identify the assets and infrastructure that need protection and define the scope of the vulnerability management process.
  • Make an inventory: Create an inventory of all hardware, software and applications running on the network, and keep track of the versions and configurations of each component.
  • Strengthen systems: The process of strengthening (hardening) systems includes disabling unnecessary processes, disabling old protocols and limiting the attack surface of a system. This is an important part of reducing a system's exposure to both known and as yet unknown vulnerabilities.
  • Assess the risk: Estimate the potential impact and likelihood of each vulnerability to determine which ones require immediate attention.
  • Plan solutions: Develop a plan to address the identified vulnerabilities based on the risk assessment and determine the most appropriate solution options.
  • Implement solutions: Implement patches, updates or other mitigation techniques to eliminate vulnerabilities.
  • Verify the solutions: Confirm that vulnerabilities have been addressed and solutions are effective.
  • Monitor for new vulnerabilities: Keep ongoing monitoring for new vulnerabilities and reassess the risk to ensure your vulnerability management process remains up-to-date.
  • Communicate effectively: Keep stakeholders informed during the process, from identifying vulnerabilities to implementing recovery measures.
  • Document the process: Record all steps taken during the vulnerability management process, including risk assessments, remediation plans and verification results.

The OpenSight 10 new year’s cyber security resolutions

During the OpenSight 10 new year’s cyber security resolutions, we will publish a blog each week about each of the ten resolutions as listed below:

With these 10 new year’s resolutions, we at OpenSight hope to give you some insight regarding the ten steps you could take to decrease the chance and impact of an incident.

Want to know more?

Be sure to keep an eye on our blogs where, following these Cyber Security resolutions for 2024, we will cover all 10 topics in detail. Follow us on LinkedIn to be the first to know about all our updates!


The company’s digital assets

Posted on: 19 February 2024

Risk management in the realm of cyber security constitutes an indispensable process for any organization seeking to protect itself, its customers and other partners from increasingly complex and novel threats. With the growing reliance on technology, the need for robust security measures has become essential. In this article, we examine the risk management of your company’s digital assets. By digital assets here, we mean all the information, systems, networks and applications that are important to the organization and its objectives.

By taking a risk-based approach to data and system security, companies can strike the right balance between risk and efficiency to achieve their objectives. Effective risk management in cyber security ensures that the organization’s technology, systems and information are adequately secured, focusing resources on the most critical areas. Securing a solid risk management approach throughout the organization enables companies to effectively manage cyber security risks, while contributing to their overall risk management strategy.

What is risk management for cyber security?

Cyber security risk management is the process of identifying, assessing and prioritizing cyber security risks, as well as implementing strategies to mitigate or reduce them. The purpose of cyber security risk management is to enable organizations to make informed decisions about the level of risk they are willing to accept and take appropriate measures to protect their information and their critical business processes that depend on it.

Risk management is an ongoing process whereby risks are identified, assessed and managed across the organization. This process is important to ensure that the organization’s cyber security strategy is aligned with its overall business goals and objectives.

Risk management approach towards cyber security

The risk management approach to cyber security includes the following steps:

Risk identification
This stage involves accurately identifying potential cyber security risks the organization may face. This is achieved through a thorough assessment of the organization’s digital assets, including information, systems, networks and applications.

Risk assessment
Once risks have been identified, they should be assessed according to their likelihood of occurrence, vulnerability of affected systems and potential impact. This can be achieved through analysis of historical data, vulnerability scans and penetration tests.

Risk prioritizing
After the assessment, risks should be prioritized according to their severity and potential impact on the organization’s operations. Risks that pose a significant threat to business operations should be given the highest priority.

Risk mitigation
The next step is to define, plan and implement mitigating measures to reduce the identified risks. This can be achieved by implementing security measures such as firewalls, anti-virus software, intrusion detection systems and access controls. But policy-, awareness- and process-oriented measures can certainly also reduce risks. A good risk policy therefore also follows the People, Process & Technology model. A balance between the various aspects offers the highest effectiveness of the measures as a whole.

Risk monitoring
Risk management is an ongoing process, where it is crucial to regularly monitor and evaluate the effectiveness of the measures taken by the organization. This can be achieved by conducting regular vulnerability assessments, penetration tests and audits.

Benefits of a risk management approach towards cyber security

A well-executed risk management process can have many benefits for an organization, for example:

Improved security
By identifying and assessing potential cyber security risks, an organization can implement appropriate management and security measures to protect its digital assets, leading to a strengthening of its overall level of security and resilience against attacks (cyber resilience).

Improved compliance with regulations
A risk-based approach to cyber security can help organizations comply with various regulations and standards such as GDPR, PCI-DSS, ISO 27001, BIO, DORA, NIS2 and others.

Lower costs
By focusing on the most critical risks and implementing appropriate measures, an organization can reduce the overall cost of cyber security while ensuring that resources are allocated in the most effective way.

Increased resilience
Effective risk management can improve an organization’s ability to respond to and recover from cyber incidents, ensuring that the organization remains operational and continues to deliver its services despite cyber threats.

Increased stakeholder confidence
Good cyber security risk management can increase stakeholder confidence in an organization’s ability to protect its digital assets and ensure the confidentiality, integrity and availability of its information.

When managing cyber risks, it is crucial to consider the broader context of your organization’s processes. This involves understanding the business priorities and objectives and aligning cyber risk management with these goals. By assessing the risks you are willing to take with technology to achieve your objectives, you can make informed decisions about cyber risk management.

Effective management is essential for a successful cyber security risk management. This includes understanding how cyber risk management and communication fit within existing governance structures that handle other forms of business risk. Your approach to cyber risk management should be effectively led and tailored to the specific needs of your organization.

It is also vital to ensure that your organization has an adequate policy setting out the risk management strategy for the entire organization, integrating cyber security considerations into other organizational policies where appropriate. Collectively, the board should understand the importance of cyber security in supporting the organization’s overall objectives and have the necessary information to make timely, informed decisions.

Effective communication

Clear wording
For effective communication on cyber risk and risk management, it is essential to clearly articulate your approach to both employees and decision-makers. This ensures that they understand how cyber risks are managed and are able to make informed decisions.

Coordinated communication
It is also important to ensure that your communication about cyber risks is aligned with the way your organization communicates about other types of risks, such as legal or financial risks. This promotes the integration of cyber risk management into the organization’s broader risk management strategy.

Clear and sensible use of language
Clear and meaningful language is crucial when communicating cyber risks. Risk labels or scores should be fully explained to avoid misinterpretation or misunderstanding. For example, using an “average” risk label without clear criteria can lead to inconsistent interpretations within the organization. Communicating clearly and using meaningful language can ensure that all employees in the organization have a consistent knowledge of cyber risks and risk management.

How to improve the risk management framework

Continuous and iterative
It is essential to realize that risk management is an ongoing and iterative process. As technology and the business environment continue to evolve, both threats and opportunities may shift. Risk management approaches must be flexible enough to adapt to these changes.

Reviewing risks regularly
Regularly reviewing risks is vital to ensure that the risk management methods chosen remain effective and appropriate. It is especially crucial to review risk assessments in the event of significant changes such as a shift in the threats an organization faces or changes in the technology used to deliver and manage a system or service.

Regular evaluation of methods, frameworks and tools
Besides evaluating risks, it is also important to regularly evaluate the methods, frameworks and tools used for risk management. These must remain effective within the business context and appropriate for the constantly changing landscape of cyber security and threats. By continuously improving their approach to risk management, organizations can ensure that they are better equipped to manage cyber risks effectively.

In conclusion

Risk management in cyber security is indispensable for protecting digital assets from complex threats. A risk-based approach helps organizations balance and implement measures effectively, contributing to a strong overall risk management strategy. The process includes identification, assessment, prioritization, mitigation and monitoring of risks, with benefits including improved security, regulatory compliance, cost reduction, increased resilience and stakeholder trust. It is essential to manage cyber risks in line with business objectives, with clear communication, aligned language and a continuously improving approach.


The architecture focused on security and business

Posted on: 19 February 2024

In today’s digitized world, cyber security is crucial when designing, building, maintaining and managing systems. A crucial aspect of ensuring system security is paying careful attention to its architecture and configuration. In this blog, we explore the importance of architecture and configuration in the process of designing, building, maintaining and managing secure systems.

Architecture

The architecture of a system determines the structure of components and subsystems and how they integrate with each other. A well-designed architecture can increase the security of a system by minimizing the attack surface and making the system more resilient to attacks.

One approach to designing a secure architecture is to apply the principle of Zero Trust. This implies that a system grants only the essential rights needed for users or processes to perform their tasks. By following this principle, the attack surface is reduced because malicious activity by a compromised user or process is limited to the permissions that were actually granted.

Another approach to designing a secure architecture is the concept of “defense in depth”. This involves implementing multiple layers of security measures that work together to protect the system. Examples of these measures are firewalls, intrusion prevention systems (IPS) and access control methods. Implementing several layers of security prevents a single security vulnerability from leading to a breach of the system.

Configuration

The configuration of a system refers to the specific settings and options selected to make the system function. Configuration plays a crucial role in system security, as incorrect configuration can make the system vulnerable to attacks.

One approach to securely configuring a system is to follow industry-standard best practices. Many organizations and regulatory bodies publish guidelines for securing systems. Adhering to these guidelines can help ensure correct system configuration. Examples of such guidelines include the Center for Internet Security’s Critical Security Controls (CIS Controls) and the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework.

One way to check the configuration of systems is to conduct regular security audits. These audits can identify any misconfigurations or vulnerabilities in the system and help prioritize necessary security measures to reduce risks. Regular security audits also ensure that the system remains safe from the emergence of new threats.

Benefits of building a good architecture and configuration

Proactive security approach
Implement a ‘security-by-design’ strategy where security is part of the initial design. This approach ensures that systems are secure from the start and minimizes the need for costly remedial work later in the process.

Reliability
A well-designed and configured system inspires confidence as the security measures in place effectively mitigate the risks that matter to an organization.

Continuous monitoring and assessment
Just building a secure system isn’t enough. Managing and maintaining security over time are equally crucial. By continuously monitoring and assessing security through audits, organizations can stay ahead of new threats and ensure that their systems remain secure.

What steps should be taken?

To guarantee the safety of a system, various steps need to be taken:

  • Develop knowledge about the system to be built and the reasons behind it. Here, it is crucial to fully understand the context, including risks that are and are not acceptable to the organization. Identify critical components and define the level of security required here, looking at the threat level and risk appetite.
  • Embrace a risk-based approach in selecting security measures. Choose security measures based on identified risks and their effectiveness in mitigating expected attacks according to the threat level. Implementing all possible security measures is not advisable as it will affect efficiency; a risk-based approach ensures targeted deployment of resources and maintains maximum efficiency.
  • Build systems with the ability to adapt to changes in the threat landscape over their expected lifetime. As the cyber security landscape is constantly evolving, adaptability is important to keep systems secure.
  • Implement a combination of technical and policy controls to effectively monitor and manage changes. Ensure that changes are authorized and have gone through proper controls to avoid negative impact on in-process services. Design measures so that security updates and vulnerability fixes can be applied easily and quickly.
  • For a management interface, multi-factor authentication (MFA) is very important, especially for administrative accounts that have access to sensitive functions. MFA significantly reduces the risk of unauthorized access to these accounts by requiring an additional form of identification besides the password, such as a generated code or biometric scan. This makes hacking these accounts significantly more difficult for attackers.


Are our company assets under control?

Posted on: 19 February 2024

IT Asset Management concerns the identification and management of all assets in an organisation’s IT infrastructure, including hardware, software and data. It improves cyber security by enabling a more thorough understanding of the IT infrastructure.

An organization’s most important assets include anything that can generate value, such as intellectual property, customer data, technology, physical locations, financial capital and employee knowledge. In a digital world, cyber security is crucial for protecting sensitive information, and implementing asset management is an effective component to achieve this.

How implementing asset management can improve cyber security

  1. Identifying vulnerabilities
    Effective asset management allows an organization to identify all devices and software in their IT infrastructure. This process reveals outdated or vulnerable elements that are susceptible to cyber attacks. These vulnerabilities can be addressed through updates, patches or replacement.
  2. Tracking and monitoring devices
    Asset management allows an organization to track and monitor the usage of all devices in their IT infrastructure. By detecting unusual or suspicious behaviour, such as unauthorized access or malware download attempts, an organization can respond quickly and effectively to potential cyber security incidents.
  3. Inventory tracking
    Effective asset management ensures that an organization has an up-to-date inventory of all devices and software in their IT infrastructure. This inventory helps track the location and usage of devices, creating an accurate list of assets to be protected. It also helps reduce unnecessary IT costs.
  4. Improve incident response
    Asset management improves an organization’s incident response capability by providing a complete picture of its IT infrastructure. This information enables an organization to quickly and accurately identify the source of a cyber attack and take the necessary steps to mitigate its impact.
  5. Minimize conflicts and ensure optimal performance
    Asset management is a critical part of various business activities, including IT operations, financial accounting, software licences, procurement and logistics. Integrating and coordinating management can minimize conflicts and ensure optimal performance, given the overlapping and interdependent nature of these areas.

Recommendations for effective asset management

Setting up asset management requires a thorough and structured approach. Here are some steps organizations can take to implement asset management effectively:

  1. Inventory: Maintain a detailed inventory of all IT assets, including hardware, software programs and data, with associated attributes and configurations.
  2. Categorization: Classify assets according to their importance and criticality to the organization. This helps identify appropriate security measures.
  3. Risk assessment: Conduct a thorough risk assessment to identify potential threats and vulnerabilities to IT assets, as well as their potential impact on the organization.
  4. Access control: Implement strict access controls to ensure that only authorized users have access to resources, based on the principle of least privilege.
  5. Monitoring: Conduct regular monitoring and audits to detect suspicious activity or potential security breaches.
  6. Incident response: Develop an incident response plan to ensure that security incidents are detected, reported and addressed quickly.
  7. Patching and updates: Update assets regularly and apply patches to fix known vulnerabilities and protect against new threats.
  8. Training and awareness: Train employees in cyber security best practices and make them aware of their role and responsibilities in protecting the organization’s IT assets.

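The following Python script is an added illustration, not code from the OpenSight posts: it ties the asset inventory and categorization steps above to the risk-based prioritization and verification steps described in the vulnerability management post. It matches a constructed inventory against constructed advisories, ranks findings by severity, internet exposure, asset criticality and vendor support, flags end-of-support software, and re-checks the inventory after a patch rollout as the verification step. All asset names, versions, advisory identifiers and scores are constructed sample values.

```python
"""Risk-based vulnerability prioritization over an asset inventory.

Constructed example: all assets, versions, advisory ids and scores are
made-up sample values, not data from OpenSight or any real advisory.
"""
import re
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Asset:
    """One inventory entry: what runs where, how exposed and how critical."""
    name: str
    software: str
    version: str
    internet_facing: bool          # reachable from the internet?
    criticality: int               # 1 (low) .. 3 (high), set during categorization
    vendor_supported: bool = True  # False once the product is end-of-support


@dataclass(frozen=True)
class Advisory:
    """A published vulnerability: which software, first fixed version, severity."""
    advisory_id: str
    software: str
    fixed_version: str             # first version that contains the fix
    severity: float                # CVSS-style base score, 0.0 .. 10.0


def parse_version(version: str) -> tuple:
    """Turn '1.24.0' into (1, 24, 0) so versions compare numerically."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def is_affected(asset: Asset, adv: Advisory) -> bool:
    """Affected when the same software runs at a version below the fix."""
    return (asset.software == adv.software
            and parse_version(asset.version) < parse_version(adv.fixed_version))


def priority_score(asset: Asset, adv: Advisory) -> float:
    """Severity weighted by exposure, business criticality and support status.

    Internet-facing systems count double (patch them first), and software the
    vendor no longer supports gets a penalty because a fix may never arrive.
    """
    exposure = 2.0 if asset.internet_facing else 1.0
    support_penalty = 1.0 if asset.vendor_supported else 1.5
    return round(adv.severity * asset.criticality * exposure * support_penalty, 1)


def prioritize(assets, advisories):
    """Return (score, asset name, advisory id) tuples, highest priority first."""
    findings = [(priority_score(a, adv), a.name, adv.advisory_id)
                for a in assets for adv in advisories if is_affected(a, adv)]
    return sorted(findings, reverse=True)


def patched_inventory(assets, software: str, new_version: str):
    """Inventory as it should look after rolling out new_version of software."""
    return [replace(a, version=new_version) if a.software == software else a
            for a in assets]


def unsupported_assets(assets):
    """Assets running end-of-support software: candidates for replacement."""
    return [a.name for a in assets if not a.vendor_supported]


# Constructed inventory and advisories (sample values only).
ASSETS = [
    Asset("web-01", "nginx", "1.24.0", internet_facing=True, criticality=3),
    Asset("intranet-wiki", "nginx", "1.24.0", internet_facing=False, criticality=2),
    Asset("legacy-erp", "oldapp", "2.3.1", internet_facing=False, criticality=3,
          vendor_supported=False),
    Asset("dev-laptop-7", "openssh", "9.6", internet_facing=False, criticality=1),
]
ADVISORIES = [
    Advisory("ADV-EXAMPLE-0001", "nginx", "1.25.0", severity=7.5),
    Advisory("ADV-EXAMPLE-0002", "oldapp", "2.4.0", severity=9.8),
    Advisory("ADV-EXAMPLE-0003", "openssh", "9.7", severity=5.3),
]

if __name__ == "__main__":
    print("Prioritized findings (score, asset, advisory):")
    for finding in prioritize(ASSETS, ADVISORIES):
        print("  ", finding)
    print("End-of-support software on:", unsupported_assets(ASSETS))
    # Verification step: re-run the check against the post-patch inventory.
    after = patched_inventory(ASSETS, "nginx", "1.25.0")
    print("Findings left after the nginx rollout:", prioritize(after, ADVISORIES))
```

Note that the internet-facing web server outranks the internal ERP system even though the ERP advisory has the higher base score, which is the "especially for systems accessible via the internet" point from the vulnerability management post expressed as a weighting.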
Eliminate unnecessary resources

To minimize risks and ensure optimal performance, it is wise to keep only the essential systems and data. Non-relevant or obsolete systems or information that does not meet business needs should be decommissioned. In doing so, all related data should be removed and relevant accounts or credentials disabled. Retaining resources that are no longer needed increases information vulnerability without any benefit. Cleaning up such assets helps reduce unnecessary risks.

In short…

IT Asset Management involves managing all IT assets, including hardware, software and data, to strengthen cyber security. The most important asset for organizations includes everything that generates value. In the digital age, cyber security is crucial and IT asset management enhances this by identifying vulnerabilities, monitoring devices, maintaining inventories, improving incident response and minimizing conflicts. Recommendations for effective asset management include inventory, categorization, risk assessment, access control, monitoring, incident response, patching, updates, training and awareness. Elimination of unnecessary assets is essential to reduce risk and ensure optimal performance.


Are my colleagues engaged and aware of cyber security?

Posted on: 29 January 2024

Joint engagement and training efforts are the first line of defense against cyber threats for organizations. Educating employees on the latest threats and best practices can reduce the risk of cyber attacks while minimizing potential incidents.

An effective cyber security strategy places people at the center, with security measures developed collaboratively to meet the practical needs of the organization. Fostering a positive cyber security culture, where employees are active participants and their input is valued, supports the prevention and detection of security incidents.

By providing staff with the necessary skills and knowledge through awareness programs, engagement and training, an organization demonstrates commitment to the well-being of its employees and emphasizes their value to the organization. This not only protects the company, but also strengthens employee loyalty and increases the overall value of the organization.

Why are engagement and training crucial in cyber security?

Engagement:
Engagement in cyber security includes creating awareness among employees and users about their role in cyber security, the associated risks and threats, and the steps they can take to protect both themselves and the organization. Fostering a cyber security culture encourages employees to be more observant and cautious when handling sensitive data and using technology.

Training:
Cyber security training is essential to equip employees with the knowledge and skills needed to recognise, prevent and respond to cyber threats. It helps employees understand best practices for securing their devices, passwords and online activities, as well as how to respond to incidents such as data breaches or cyber attacks.

The benefits of engagement and training in cyber security are manifold

  1. Improves awareness of cyber security: Regular training increases employees’ awareness of cyber security risks and threats, enabling them to prevent or report suspicious activity. This results in alert employees and thus better security.
  2. Less risk of cyber attacks: Engaged and trained employees reduce the likelihood of cyber attacks through faster recognition and reporting of security incidents. Implementation of best practices, such as strong passwords and two-factor authentication, helps reduce the risk of successful attacks.
  3. Improved incident response: Well-trained employees respond more effectively to cyber security incidents, reducing impact and shortening recovery time. Working together to prevent recurrence improves overall response and recovery from incidents.
  4. Early detection of security incidents: Employees who feel safe to report problems can detect incidents early, minimizing the impact and preventing escalation.
  5. Improved organizational effectiveness: A safe environment encourages openness, which leads to better decision-making and innovation, thus improving the overall effectiveness and competitiveness of the organization.
  6. Increased trust and loyalty: An environment where employees feel valued results in increased trust and loyalty. This contributes to job satisfaction, higher productivity and less employee turnover.

In short, creating a secure and open work environment, where employees can report incidents and come up with new ideas, promotes early detection of security incidents, improved organizational effectiveness and increased trust and loyalty to the organization. This helps achieve the goals of engagement and training in cyber security.

Strategies for engagement and training in cyber security can increase success of initiatives

Here are some key strategies:

  1. Alignment with different learning styles: Offer training and engagement activities that fit various learning styles. Use various methods such as hands-on activities, visual aids and interactive discussions to meet the needs of all employees.
  2. Encourage interactivity: Make training sessions interactive to encourage participation and engagement. Use group activities, scenario-based exercises and quizzes to make the learning experience engaging and participatory.
  3. Promote continuous learning: Given the constant evolution of cyber threats, it is essential to provide continuous learning opportunities. Make sure employees stay informed of the latest threats and best practices, including developments such as AI.
  4. Use of realistic scenarios: Make training more relevant by using real-life scenarios. This helps employees understand how cyber attacks can affect their work and the organization, increasing their motivation to take cyber security seriously.
  5. Encourage accountability: Hold employees accountable by setting clear expectations and evaluating their progress regularly. Assess the effectiveness of training and engagement initiatives and provide constructive feedback to employees.
  6. Role of executives in cyber security: To promote a strong cyber security culture within an organization, it is vital to emphasize the role of senior leaders. These leaders serve as role models through their behavior. When senior leaders prioritize compliance with security policies and processes without exceptions for themselves, it is made clear that cyber security is a top priority. As role models for the organization, they help establish a culture of responsibility and commitment to cyber security.
  7. Taking sufficient time for the visible effects of awareness campaigns: Give awareness campaigns time to have impact. Analyze not only immediate results, but also appreciate the long-term effects.

Standing strong together

Organizations can effectively address cyber threats by engaging and training employees. Raising awareness about recent threats and best practices reduces the risk of cyber attacks and minimizes damage. A positive cyber security culture, combined with training, leads to improved awareness, reduced risk, improved response and early detection. Strategies include diverse learning methods, interactivity and continuous education. Leaders play a crucial role as role models. It is important to allow sufficient time for visible effects of awareness campaigns and align messages with staff and organization. A safe working environment contributes to the success of engagement and training in cyber security.

The OpenSight 10 new year’s cyber security resolutions

During the OpenSight 10 new year’s cyber security resolutions, we will publish a blog each week about each of the ten resolutions as listed below:

With these 10 new year’s resolutions, we at OpenSight hope to give you some insight regarding the ten steps you could take to decrease the chance and impact of an incident.

Want to know more?

Be sure to keep an eye on our blogs where, following these Cyber Security resolutions for 2024, we will cover all 10 topics in detail. Follow us on LinkedIn to be the first to know about all our updates!


10 cyber security new year’s resolutions for 2024

Posted on: 29 January 2024

A new year is coming and therefore it’s time to evaluate 2023 and start with new year’s resolutions for 2024. At OpenSight we believe cyber security has to be at the top of the new year’s resolutions list for 2024, especially given the changes in the market as well as upcoming laws and regulations. We at OpenSight want to start this year off right with our 10 new year’s resolutions for cyber security.

During the OpenSight 10 new year’s Cyber Security resolutions, we will publish a blog each week about each of the ten resolutions as listed below:

  1. The company’s digital assets.
  2. Are my colleagues engaged and aware of cyber security?
  3. Are our company assets under control?
  4. Architecture focused on security and the business.
  5. How to keep vulnerability management in order.
  6. Who’s that? And what is he doing here?
  7. How do we protect digital assets?
  8. Is this normal behavior and does it happen more often?
  9. Preparation is key!
  10. Is there a weak link in my supply chain?

With these 10 new year’s resolutions, we at OpenSight hope to give you some insight regarding the ten steps you could take to decrease the chance and impact of an incident.

1. Digital assets of the company

For cyber security, initiating a robust cyber security plan is an essential first step, focusing on identifying and evaluating potential risks to the organization’s digital assets. This requires a comprehensive risk assessment to identify various threats, both external and internal, that may affect the security of our digital assets. During this risk assessment, it is crucial to prioritize risks based on their potential impact on the organization’s digital assets.

2. Are my colleagues engaged and aware of cyber security?

Cyber security represents a shared responsibility, where every employee within the organization must be aware of the crucial role they play in protecting the organization from potential threats. Awareness of cyber security and the individual responsibility of each employee are paramount. For this reason, it is necessary to hold regular engagement and training sessions aimed at informing employees about the latest cyber security threats, promoting best practices for safe online behavior, and teaching skills to recognize and appropriately report potential security incidents.

3. Are our company assets under control?

For cyber security, asset management is an essential facet. This revolves around accurately identifying all (digital) assets held by the organization, including their value. This includes hardware and software as well as data. After identifying these assets, the organization can implement effective measures to protect them, such as access control, monitoring and encryption.

4. Architecture focused on security and the business.

For cyber security, a strong cyber security plan depends on an architecture specific to security. This includes setting up a secure network architecture and secure configuration management that limits access to sensitive information and controls user privileges. In addition, it includes the implementation of firewalls, threat detection and prevention systems, and other security measures to protect the network.

5. How to keep vulnerability management in order.

For cyber security, vulnerability management involves identifying and addressing vulnerabilities in the organization’s systems, applications and networks. This process includes regular vulnerability scans, thorough risk assessment for each vulnerability, and implementation of effective measures to manage the risks.

6. Who’s that? And what is he doing here?

For cyber security, Identity and Access Management (IAM) is an essential component. IAM focuses on managing user identities and controlling access to systems and data. It provides solutions for user authentication, authorization and access control mechanisms, aiming to ensure that only authorized users have access to sensitive digital assets.

7. How do we protect digital assets?

For cyber security, data security includes ensuring the protection of sensitive information from unauthorized access, theft and destruction. This includes the implementation of data encryption, access controls and control measures with the goal of preventing data breaches and cyber attacks.

8. Is this normal behavior and does it happen more often?

For cyber security, logging and monitoring are of crucial importance for identifying possible security incidents and cyber attacks. This includes collecting and analyzing system and network logs, monitoring user activity and setting up automated alerts to immediately notify security personnel of potential threats.

9. Preparation is key!

For cyber security, incident management means preparing the response to security incidents and cyber attacks. This includes forming a response team, clearly defining roles and responsibilities, and establishing communication protocols to ensure an effective response to cyber incidents.

10. Is there a weak link in my supply chain?

For cyber security, supply chain security is vital for organizations that rely on external vendors and suppliers. This requires implementing security measures to ensure that all vendors and suppliers adopt uniform security standards and have adequate security measures in place to protect sensitive information.

Want to know more?

Be sure to keep an eye on our blogs where, following these Cyber Security resolutions for 2024, we will cover all 10 topics in detail. Follow us on LinkedIn to be the first to know about all our updates!


NIS2 guideline: what does management need to know?

Posted on: 29 January 2024

NIS2 directive for management

At a time when cyber threats are becoming increasingly advanced, the European Union introduced the NIS2 Directive as a measure to strengthen the cybersecurity and digital resilience of EU member states. As a successor to the original NIS directive, NIS2 brings with it some new obligations and challenges that require immediate management attention within organizations. This article highlights the key points of NIS2 and what top management needs to know to ensure compliance and optimal preparation.

Comprehensive sectoral coverage

The NIS2 directive is not just limited to traditionally vital sectors such as energy, transportation and healthcare, but now extends to other sectors including government and digital service providers. This means that a wider range of organizations is now within its scope and must comply with the new cyber security standards.

Supply Chain Responsibility

Companies covered by NIS2 must also take measures to ensure the security of their suppliers and partners. We call this supply chain responsibility. This could have a major impact on suppliers to these sectors. In practice, we will see that under NIS2, sectors will place more requirements on their suppliers, and it will become a testing criterion in procurements.

Obligations

Core obligations under the NIS2 include a duty of care and incident reporting. Organizations are required to conduct their own risk assessment and take appropriate measures based on that assessment to protect their services and information. For incidents that (may) significantly disrupt service delivery, there is a duty to report within 24 hours to the supervisor. Furthermore, cyber incidents must also be reported to the CSIRT for help and assistance.

Supervision and enforcement

The NIS2 Directive provides for independent monitoring of compliance with its obligations. It is important for management to understand who the regulators are and how enforcement will be implemented in practice, including the potential fines and penalties for noncompliance.

Preparing for NIS2

Preparation is critical to comply with the NIS2 guideline. This includes updating existing cybersecurity policies and procedures, strengthening incident response plans, and ensuring sufficient resources and expertise to meet its obligations. The basis for preparing for NIS2 can be found in existing information security frameworks, such as the Government Information Security Baseline (In Dutch Baseline Informatiebeveiliging Overheid, or BIO) for government agencies.

Communication and training

The people in your organization are one of the most important aspects when it comes to preventing successful cyber attacks. It is therefore essential that management ensure broad awareness and understanding of NIS2 obligations within the organization. This can be achieved through training, information sessions and ongoing communication about the changes brought about by NIS2.

In short…

The NIS2 directive brings new obligations and challenges that require a proactive approach from management. A thorough understanding of the directive, its obligations and the potential consequences of noncompliance is critical to ensuring cyber resilience and minimizing risk. By taking action now and creating a solid plan, organizations can position themselves to not only comply with the NIS2 directive, but also to strengthen their overall cyber security posture in light of the evolving cyber threat landscape.

NIS2 brochure

Detailed information about NIS2 can be found in our NIS2 brochure. It can be downloaded at the bottom of this page.


A hack is a risk for any business, so be prepared!

Posted on: 29 January 2024

A hack is a risk for any business

The idea that only large companies are targets of cyber attacks is outdated. Every organization, including yours, can become a target. Even with solid cybersecurity measures in place, incidents, such as system failures or ransomware, can occur.

Cyber security is no longer merely a matter for technicians, but an organization-wide responsibility that must be firmly on the radar of the board and management. For many, however, the subject remains abstract and calls for a clearer explanation of how this responsibility can be carried and regularly tested. In this piece we present some crucial steps to arm your business against cyber threats and safeguard operational continuity.

Risk management is the starting point of good security management. Understanding your cyber risks is crucial. This process is similar to how you evaluate risks around fire safety. In three steps, you can assess your risks:

Step 1: Define business goals and identify essential information/data.
Identify critical information needed for your production or service, including data, assets, applications and services.

Step 2: Identify causes, risks and financial impact.
What could threaten the continuity of your organization and what would be the financial impact if a risk materialized?

Step 3: Determine actions to be taken.
How quickly can you detect an incident and inform relevant stakeholders? On average, it takes 197 days for a company to become aware of a breach, sometimes it even takes up to 3 years. Analyze existing procedures and identify additional measures to reduce risks.

Some basic measures – also called cyber hygiene – should be implemented by every organization. This is not only for the organization itself or its employees, but also for its customers and partners. A hacker doesn’t always walk the straight path. Over the years, supply chain attacks have become increasingly common, in which a hacker looks for a vulnerable supplier of the eventual target in order to get in through that route. This leads to huge reputational damage and can also cause high financial claims.

Research shows that 60% of SMEs that are victims of a hack fail within six months due to operational disruptions, loss of customers, high recovery costs and emotional stress. Reputational damage often makes the situation worse. While not every cyber attack is catastrophic, it can take weeks to months for normal business operations to resume, resulting in significant revenue loss.

In the event of a cyber incident, executives can be held personally liable for damages suffered. This emphasizes the importance of proper preparation and risk management to reduce personal and organizational financial risks.

Would you like more explanation on this topic? Or do you need help organizing and structuring a cyber secure business? If so, feel free to contact us!


The importance of security awareness

Posted on: 29 January 2024

The importance of security awareness

With the increasing number of cyberattacks and organizations falling victim to a cyberattack, the question is not ‘if’, but ‘when’. Especially when organizations don’t improve their IT-security. Security awareness, or workplace awareness, plays a crucial role in improving an organisation’s (online) security. In this article, you will read more about the different levels of awareness and how to apply them in practice.

Introduction – The journey towards a secure organization

More and more, the news is reporting about large organisations and companies that have fallen victim to a cyber attack. For example, the Dutch Data Protection Authority saw an explosion in the number of data breach reports in 2021, and the number of ransomware attacks has increased by 33% in recent years, according to the annual report of the Public Prosecutor’s Office. That’s double compared to the previous year. Yet a lot of organizations lag behind when it comes to cyber security. For example, the report “Cybersecurity awareness in the European Union” showed that many employees are unaware of the risks of cyber attacks and only a small proportion of employees are trained in cybersecurity.

In this article, we explain in three steps how to better protect employees so that they contribute to the security of your organisation. Each level has its own steps, tips & tricks, but some levels will overlap here and there.

What exactly is a cyber attack?

A cyberattack refers to destroying, changing, or gaining access to (personal) data of an organization, without the permission of the organization. For example:

  • Your USB flash drive with sensitive data from customers gets stolen;
  • A hacker breaks into your computer network and steals (personal) data;
  • Any type of ransomware.

Hackers that break into the network of an organization and acquire sensitive data are more common than often thought. To make matters worse, according to research from Cisco, about 60% of cyberattack victims go bankrupt within 3 years after the attack. Almost all organizations depend on their digital data. It has a huge impact if this data leaks or gets damaged. We often see a long-term impact on business operations from a cyber attack. This could result in immediate operational loss, claims for damages due to inability to fulfil obligations or serious reputational damage. There are also hefty recovery costs and investments involved in a cyber attack so that security weaknesses can be closed. The combination of these issues puts the survival of the organisation at risk. It’s not necessarily the cyber attack in itself that leads to bankruptcy; it’s the road towards recovery and the costs involved that kill these organizations. When it comes to cyber security it’s always better to be safe than sorry.

What forms of cybercrime are most common in organizations and what is the damage?

For the past few years a lot of us have been working from home, and the majority of business conversations have been taking place online. While this way of working had positive effects, it also opened the door for data leaks and cybercrime. Perhaps you’re already familiar with the most common types of cyber crime, perhaps not. In any case, here’s an overview:

Malware

Malware is an umbrella term for software like viruses, spyware, and Trojan horses. Malware usually ends up on a computer or network when employees click on a link or document that contains this software. Because the work traffic of many organizations has been from home in recent years, we have seen an increase in malware attacks.

Ransomware

Ransomware is a nasty form of malware. It prevents people within the organization from accessing important documents or processes that are essential for the organization to keep running. Often a large ransom is demanded from the organization to regain access.

Phishing

Phishing is probably one of the most common forms of cybercrime today. Both privately and professionally, we see more and more people falling victim to the psychological game hackers play during a phishing attack. They often pose as a well-known supplier or company and then ask for important details. Remote working has given a boost to the increase of phishing.

Password hacks

Password hacks are a little different in nature. These attacks use intelligent programs that can guess weak passwords. Another method of accessing employee passwords is keylogging, where keystrokes on a computer are recorded without permission. Employees that use the same password to access multiple platforms are at higher risk of getting hacked.

The consequences of a cyberattack

It’s evident that the consequences of a cyberattack have a major impact. Identity theft due to a cyberattack is no joke, nor are the loss of sales or reputational damage. A few things that influence the impact of a cyberattack:

  • How quickly can you recover: If the organization has the procedures in order and can recover quickly from an attack, this significantly reduces the impact. A temporary (short) disruption can often be managed well.
  • Special characteristics of the organization: To illustrate, when a hospital gets attacked, the risks are a lot higher than when data gets leaked at the local newspaper office.
  • Duration of the attack: Sometimes a hacker has been in for days or weeks. If this is not detected, the damage can be very targeted and even impair recovery capabilities.

How do I make my employees aware of the risks?

Cyber risks come in different shapes and sizes. They all ask for a different approach. By actively involving employees in the company’s security, many of these cyber risks can be prevented. But exactly what levels of cyber-awareness are there and what should you pay attention to for each level?

Security Awareness Maturity Model (SAMM)

The Security Awareness Maturity Model (SAMM) is a model for measuring and improving employee security awareness within organizations. Developed by the Software Assurance Forum for Excellence in Code (SAFECode), the model provides organizations with a framework for establishing, maintaining and improving their security awareness programmes.

SAMM consists of five levels, each with its own set of criteria and objectives:

  1. Unaware: In this level, there is no security awareness programme or the programme is immature and unstructured.
  2. Reactive: In this level, there is a basic security awareness programme in place that focuses on responding to specific incidents or events.
  3. Proactive: In this level, there is a more formal and structured security awareness programme in place that focuses on proactive risk management and incident prevention.
  4. Optimized: In this level, the security awareness programme is fully integrated into the business processes and culture and there is a continuous improvement cycle.
  5. Leading: In this level, the organisation is a leader in security awareness, with an innovative and advanced programme that goes beyond best practices and focuses on the latest threats and technologies.

Phase 1: Unaware

This phase focuses on providing knowledge about the basics of cyber security and how employees can protect themselves against cyber attacks. Indeed, employees are unaware that they are targets of cyber criminals and that their actions have a direct impact on organizational security. They are not familiar with the organization’s security policies and can therefore easily become victims of attacks. In this phase, focus on the basics. This could include using strong passwords, recognizing phishing emails, keeping software up-to-date and using secure networks.

Phase 2: Reactive

This is the phase where security awareness consists merely of a list to be ticked off, and the company just wants to meet specific compliance and audit requirements. Training only happens annually or incidentally. Employees have little certainty about the organization’s policies and their role in protecting the organization’s data and intellectual property.

Policy development and training are crucial for improving cyber security at this stage. Developing and implementing an information security policy with guidelines for secure IT use and data protection is essential. In addition, providing basic security training to employees is important to make them aware of cybersecurity principles and potential threats. These measures lay the foundation for stronger cybersecurity and promote a culture of awareness and accountability.

Phase 3: Proactive

Organizations that reach this stage can be rightly proud, as many are already bogged down in the second stage. In this phase, the programme identifies the relevant topics to be covered in security awareness training. The aim is to create training that has maximum impact on the organisation’s mission. This goes beyond annual training; it requires continuous improvement throughout the year.

Phase 4: Optimized

At this stage, organizations have stable processes, resources and management support for longevity, including annual evaluation and optimization. At this stage, the security awareness program is an integral part of the corporate culture, current and encourages employee involvement. To achieve this level, you will conduct regular measurements and evaluations to assess the effectiveness of the security awareness program. This can be done through assessments, surveys and simulations of phishing attacks, for example. Analyze the results of measurements and evaluations and use this information to continuously improve the security awareness program. Identify weaknesses and implement targeted measures to address them.

Phase 5: Leading

In this final phase, the program is supported by statistics, making progress visible and the effect measurable. This allows the program to be continuously improved and show results. But not only measurability is important at this stage. Integrate security awareness into the broader business processes and culture. Work with other departments, such as HR and IT, to include security awareness in the onboarding process of new employees and in daily operations.

SAMM-model as a guide

At a time when cyber attacks are becoming more common and organizations are vulnerable, it is crucial to strengthen IT security. This article has shown that security awareness, or workplace awareness, plays a vital role in improving an organization’s online security. Making employees aware of the risks and involving them in security measures can prevent many of the cyber risks. The Security Awareness Maturity Model (SAMM) provides a framework for measuring and improving awareness levels, whereby organizations can strive to achieve industry-leading levels of security awareness. Preventing cyberattacks is always better than having to repair the damaging effects afterwards. By taking the right measures and engaging employees, organizations are better able to guard against the growing threat of cybercrime.

Need help?

We at OpenSight believe that good preparation is more than half the battle. Cybersecurity is not a one-time activity, but a constant process, as cybercrime is constantly evolving. We strive to increase your organization’s digital resilience. To achieve this, we train people, build processes and provide technology that makes a difference.

We are here to improve the security of your business or organization. Together with our strategic partners, we ensure a complete approach so that we can provide clients with the best advice. Collaboration is essential here to arrive at the right solution for your organization. There is an appropriate solution for every challenge.

So whether you’re looking for improved manageability, optimal recovery from a disaster, or prefer to take your security as a managed service, OpenSight is your partner! Contact us for personal advice.
