And Another One…
The recent breach of cybersecurity company FireEye by nation-state hackers was part of a larger attack, believed to be affiliated with the Russian government gained access to systems belonging to several US government agencies. The attack continues to demonstrate that cybersecurity is a full-time job and organizations must continually evaluate and enhance the security posture of their networks.
As organizations and networks evolve over time, regular on-going cybersecurity risk analysis of the organization and its assets should be performed to help develop the necessary security controls.
There are several steps in completing a cybersecurity risk analysis, which needs to be part of every organization’s cybersecurity toolkit.
Inventory of Systems and Resources
The initial step of the risk analysis is to identify and catalog all business network resources, including computers, tablets, printers, servers, phones, IoT devices that are connected to the network. Include any resources that maybe be outside your physical locations; does your organization utilize third-party cloud services or vendors? Then those need to be included and analyzed.Identify Potential Weaknesses and Threats
Identifying how and where cyber attacks could gain access into your systems and data can help better understand a potential threat. Does your organization use IoT devices? If so, connected devices and smartphones are usually the biggest weaknesses that most organizations face. The threats include unauthorized access to the network, data leakage, process failures, data loss and disruption of service.
Determine the Risk Impact
After all systems and resources have been identified and the potential weaknesses and threats identified, the actual risk to the business needs to be thought about. How would a cyberattack hurt your business? What would a data breach impact? What information is most at risk?
List all risks and rank them on a scale of low, medium and high. Determining the risk involves a ratio of the potential damage a cyber attack could do to the likelihood that a system could be compromised. Map the risk levels and then conduct the analysis on how likely a risk scenario is to occur and what the financial impact would be. This analysis will help prioritize the parts of the infrastructure that needs to be secured.
Develop Cybersecurity Controls
With appropriate security controls and mechanisms in place, the security posture of your organization will be enhanced, and potential risk reduced.
Potential security controls can include:
Zero Trust Architecture
Enhancing firewall controls
Using encryption wherever possible
Using or enhancing endpoint protection
Use multi-factor authentication
Use risk management software to manage the process
Evaluate and Repeat
A successful risk analysis comes with the ability to accurately measure results and provide the opportunity to make improvements. Networks and business systems change constantly making the evaluation and continuous improvement probably the most important step.
A cybersecurity risk analysis should be an annual task ensuring that changes in the organization or high-risk assets are not left vulnerable to an attack.