This blog covers how you may improve your “Ability to Anticipate” cyber security risk events, thereby building a proactive cyber resiliency program for your organisation.
The aim of this blog is to not only educate, but to trigger questions that will empower you to challenge your current approach to cyber security.
Step 1 – How are you vulnerable to attack?
Do you understand how your organisation may be exposed to cyber security risks? How are you vulnerable?
These exposures are unique to each organisation and are largely determined by characteristics such as:
- The industry that you are in
- Your customer base
- The type of software that you rely upon
- The number of legacy systems still in use
- Dependency on data accuracy
- Dependency on the internet and on web-facing services.
Do a quick evaluation and highlight the potential areas of your business that may be exposed.
Step 2 – Threat Profiling/Cause Analysis
Based on your unique situation, (i.e., industry, business activities and location) which threats are most likely to occur?
Do you have a clear picture of what could expose those vulnerabilities, i.e., the series of events that would have to occur for a risk to materialise?
By understanding what may cause a risk to occur, you will be in a far better position to identify key risk indicators (KRIs) and anticipate the risk before it materialises.
Step 3 – Developing Intelligence
Effective KRIs should be:
- Measurable (e.g., quantifiable in a number, count, percentage)
- Predictable (to provide early warning signals)
- Comparable (enable trends to be tracked over time)
- Informational (to help measure the status of a risk and control).
KRIs can be both leading and lagging:
- Leading KRIs are measures that can help to forecast future occurrences.
- Lagging KRIs are metrics based on historical measures.
Don’t forget to set thresholds for your KRIs: at what point do you want to act to prevent the risk from occurring?
What alerts or processes are readily available or can be put into place to act as your cyber security KRIs?
These KRIs will vary depending on the tools and resources you have available, as well as your budget. They may be a mix of automated system alerts and periodic manual checks (such as penetration tests).
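To make the properties above concrete, the following is an added example (not from the original post or from ISD Cyber) of how a small set of KRIs can be defined and evaluated: each KRI is measurable (a count or percentage in a stated unit), has an amber and a red threshold, is tagged leading or lagging, and is compared against its own earlier readings so that a trend can be reported. The KRI names, thresholds and the six monthly readings per KRI are constructed for the demonstration; the trend rule (mean of the last three readings versus the three before, with a 5% tolerance) is one reasonable choice, not a standard.

```python
"""Evaluate cyber-security KRIs against thresholds and track their trend.

Illustrative example, not from ISD Cyber. The KRI names, thresholds
and monthly readings below are constructed for the demonstration.
"""
from dataclasses import dataclass
from datetime import date
from enum import Enum
from statistics import mean


class Kind(Enum):
    LEADING = "leading"    # forecasts a future risk occurrence
    LAGGING = "lagging"    # records what has already happened


@dataclass(frozen=True)
class KRI:
    name: str
    kind: Kind
    unit: str               # what the number measures (hosts, %, incidents)
    warn: float             # amber: start investigating
    act: float              # red: act now to prevent the risk occurring
    higher_is_worse: bool = True   # False for e.g. a success rate


@dataclass(frozen=True)
class Reading:
    when: date
    value: float


def status(kri: KRI, value: float) -> str:
    """Map one measurable value to green/amber/red using the KRI's thresholds."""
    if kri.higher_is_worse:
        breached_act, breached_warn = value >= kri.act, value >= kri.warn
    else:
        breached_act, breached_warn = value <= kri.act, value <= kri.warn
    if breached_act:
        return "red"
    if breached_warn:
        return "amber"
    return "green"


def trend(kri: KRI, readings: list, window: int = 3, tolerance: float = 0.05) -> str:
    """Compare the mean of the last `window` readings with the `window` before it.

    Returns "worsening", "improving" or "flat" relative to the KRI's direction,
    so the caller need not know whether a rising number is good or bad.
    """
    ordered = sorted(readings, key=lambda r: r.when)
    if len(ordered) < 2 * window:
        return "insufficient data"
    recent = mean(r.value for r in ordered[-window:])
    prior = mean(r.value for r in ordered[-2 * window:-window])
    change = (recent - prior) / max(abs(prior), 1.0)   # relative, safe when prior is 0
    if abs(change) <= tolerance:
        return "flat"
    getting_bigger = change > 0
    return "worsening" if getting_bigger == kri.higher_is_worse else "improving"


def evaluate(kri: KRI, readings: list) -> dict:
    """One dashboard row: latest value, RAG status and trend for a KRI."""
    latest = max(readings, key=lambda r: r.when)
    return {
        "kri": kri.name,
        "kind": kri.kind.value,
        "latest": latest.value,
        "unit": kri.unit,
        "status": status(kri, latest.value),
        "trend": trend(kri, readings),
    }


def monthly(values):
    """Constructed sample: one reading per month for the first half of a year."""
    return [Reading(date(2024, m, 1), v) for m, v in enumerate(values, start=1)]


# Constructed KRIs and thresholds; pick your own from your tooling and risk appetite.
UNPATCHED = KRI("Internet-facing hosts with critical patches >30 days overdue", Kind.LEADING, "hosts", warn=5, act=10)
PHISH = KRI("Phishing simulation click rate", Kind.LEADING, "%", warn=10, act=20)
BACKUPS = KRI("Backup job success rate", Kind.LEADING, "%", warn=95, act=90, higher_is_worse=False)
INCIDENTS = KRI("Confirmed security incidents per month", Kind.LAGGING, "incidents", warn=2, act=4)

SAMPLE = {   # constructed monthly readings, January to June
    UNPATCHED: monthly([2, 3, 4, 6, 8, 12]),
    PHISH: monthly([18, 15, 12, 11, 9, 8]),
    BACKUPS: monthly([99, 98, 97, 95, 92, 89]),
    INCIDENTS: monthly([1, 0, 2, 1, 1, 3]),
}


def dashboard(sample=SAMPLE) -> list:
    return [evaluate(k, r) for k, r in sample.items()]


if __name__ == "__main__":
    for row in dashboard():
        print(f"{row['status']:5} {row['trend']:10} {row['latest']:>5} "
              f"{row['unit']:9} {row['kind']:7} {row['kri']}")
```

On the constructed data the overdue-patch KRI is red and worsening, the phishing click rate is green and improving, the backup success rate has crossed its red threshold from the low side, and the lagging incident count is amber but trending up. The point of the trend column is that an amber KRI that is worsening deserves attention before it turns red, which is exactly the early warning a leading indicator is meant to give.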
Keep an eye on the news, technical papers and surveys that indicate a change in the threat landscape. These are examples of Leading KRIs. For example:
- Is there an increased exposure to fire, flood or storm events that may disrupt the essential services (electricity, air conditioning, fuel) your IT systems depend on? From a cyber security perspective these are triggers that affect system availability.
- Is your industry being targeted, i.e., are cyber-attacks on your sector increasing?
- Are the technical solutions you rely upon being targeted or ageing?
- Have there been any realised risks within other organisations? What happened (cause)? How did they respond? How did it impact them? Could it happen to you?
How ISD Cyber can help
If you’re unsure where to start, we can help you to define your cyber security risks and KRIs.
ISD Cyber provides tailored solutions that will help you to build a Strategic approach to cyber security and help you to Optimise existing capabilities, and Remediate gaps in control effectiveness and efficiency.
Contact us today at enquiries@ISDCyber.com.