In a race against the threat of rising cybercrimes, FBNQuest, through its Thought Leadership medium, has called on the need to recognise the strategic importance of managing companies’ security infrastructure.
According to FBNQuest, organisations of all sizes should be looking at what to do when (not if) they are hit by cyber-attacks.
FBNQuest noted that “the current international threat landscape is incredibly diverse and includes a resurgence of bored teenagers who hack just for the fun of it, nation-state groups, and cybercriminal syndicates and gangs.
“For the latter groups, the operational objective is to leverage a new exploit to extort millions and achieve an extraordinary return on investment,” FBNQuest said.
It then tasked organisations to apply the fundamentals of cybersecurity that will offer protection. This includes tightening the email loop, which makes it difficult to fall for phishing attacks.
Others include fending off malicious ransomware, securing network access, shutting down internal threats, solidifying storage and backups, as well as managing vulnerabilities.
Read also: Seplat gets ISO assets management certification
noting that, “The key to successful vulnerability management is to identify all the ways an attacker can move throughout your network and reach your business-critical assets. Once you have identified these attack paths, you can focus on locking down chokepoints and stopping hackers before they even get started.”
It also tasked parties to ensure that a detailed Incident Response Plan (IRP) is put in place.
“Cyberattacks may be inevitable, but a detailed Incident Response Plan (IRP) provides both a buffer and an antidote if the plan is tested. This means that the first time to verify an IRP is not in the middle of a crisis.
“The best way to determine whether the company’s IRP is effective is through tests that assess the readiness of their incident response teams. These tests, which work for all-size companies, come in the form of fire drills and tabletop exercises (TTXs). Each test serves a different purpose.”
The company noted that while cyber-security has been largely associated with computers and IT infrastructure, greater consumer use of smart devices has raised overall vulnerability. At the enterprise level, shifting to cloud computing may have cut company costs significantly, but it has also increased the risk of digital attacks.
“Despite the broad-based implications of these risks, many businesses are unprepared to deal with them, as the alarming number of threats clearly indicates. These developments imply that security is no longer merely a concern of IT managers, but a key boardroom topic because enterprises need to recognise its strategic importance. Companies need to beef up their security infrastructure to prevent breaches while simultaneously building a sustained organisational culture of safety,” it warned.
