Many of the data breaches of recent years could have been prevented had the victim organizations practiced basic cyber hygiene centered on protecting their data. Organizations that run sophisticated security tooling still fall to attacks because they lack visibility into where their data lives and how large their attack surface is, and because they have no risk management program that tells them what to fix first.
A Structured, Three-way Approach to Cyber Risk Management
At CYRISMA, we believe that IT and security teams can follow a simple three-way approach to strengthen security quickly, without breaking the bank.
Discovering and Securing Sensitive Data
To effectively prevent breaches and minimize the consequences of cyber attacks, organizations need to have complete visibility into the sensitive data they store or handle. Whether you are an organization managing your own cybersecurity or an MSSP / MSP providing security services to other companies, you need to know:
- What data you or your clients have
- Which specific datasets are most critical/sensitive and need to be secured
- Where the data is stored and who has access to the sensitive data
- What steps you need to take to secure this data.
Data security steps may include:
- Deleting data that isn’t needed
- Restricting access to the data
- Moving the data to a more secure location
- Encrypting sensitive data at rest and in transit using an approved algorithm, with the keys managed separately from the data they protect
- Other similar actions deemed appropriate by the IT or security team.
Assessing Risk to Critical Assets and Systems
Securing your most critical data also means knowing which systems house it and whether those systems are exposed: unpatched vulnerabilities, weak configurations, or credentials that have already leaked.
A broader risk assessment would include:
- Regular vulnerability scanning and assessment across computing devices and web applications
- Checking if operating systems, software and network devices are securely configured
- Monitoring the dark web for leaked credentials and data belonging to the organization
- Estimating the monetary losses that potential security incidents could cause.
To streamline and properly structure the risk assessment process, organizations often use established security frameworks like the Center for Internet Security’s Critical Security Controls (CIS CSCs) or NIST’s Cybersecurity Framework (NIST CSF) as a base standard to compare their own security controls against. Risk assessment and mitigation may also be driven by compliance requirements.
Taking Appropriate Action to Reduce Risk
Once you have a clear understanding of the risk to your own and your clients’ data and critical IT assets, you can start mitigating it: patching systems and remediating vulnerabilities, beginning with the highest-priority systems and data.
- A thorough risk assessment program categorizes vulnerabilities by criticality (aligned with your industry requirements, business priorities and the estimated monetary impact of potential incidents), so that mitigation plans focus on what matters most rather than on raw scanner severity.
- Mitigation planning should also establish accountability in whatever form works for the organization and team: assigning each mitigation task to a named individual or data owner, delegating where necessary, setting due dates, and tracking progress regularly against the planned outcome.
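The following Python is an added example, not CYRISMA’s code or its risk model: it ranks findings by annualized loss expectancy (ALE = SLE × ARO, where SLE = asset value × exposure factor) instead of by scanner severity alone, assigns each one a priority tier, an owner and a due date, and computes a return on security investment so that a fix costing more than the yearly risk it removes is visible before anyone is assigned to it. The findings, asset values, tier thresholds and remediation windows are all constructed assumptions for the example.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Remediation window per priority tier (an assumed policy, not CYRISMA's).
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}


@dataclass
class Finding:
    id: str
    asset: str
    owner: str              # accountable person or team for the mitigation task
    asset_value: float      # business value of the asset, in currency units
    exposure_factor: float  # fraction of that value lost in one incident (0..1)
    aro: float              # annual rate of occurrence (0.5 = once every two years)
    cvss: float             # technical severity reported by the scanner (0..10)
    fix_cost: float         # estimated cost of the remediation

    @property
    def sle(self) -> float:
        """Single loss expectancy: the cost of one incident."""
        return self.asset_value * self.exposure_factor

    @property
    def ale(self) -> float:
        """Annualized loss expectancy: expected yearly loss if left as is."""
        return self.sle * self.aro


def priority_tier(f: Finding) -> str:
    """Combine monetary impact and technical severity; thresholds are assumptions."""
    if f.ale >= 100_000 or (f.cvss >= 9.0 and f.ale >= 25_000):
        return "critical"
    if f.ale >= 25_000 or f.cvss >= 7.0:
        return "high"
    if f.ale >= 5_000 or f.cvss >= 4.0:
        return "medium"
    return "low"


def rosi(f: Finding, residual_fraction: float = 0.1) -> float:
    """Return on security investment: (ALE reduction - fix cost) / fix cost.
    Assumes the fix leaves residual_fraction of the original ALE; a negative
    result means the fix costs more than the yearly risk it removes."""
    reduction = f.ale * (1 - residual_fraction)
    return (reduction - f.fix_cost) / f.fix_cost


def build_plan(findings: list[Finding], start: date) -> list[dict]:
    """Rank by ALE (CVSS only breaks ties), then assign tier, due date and owner."""
    ranked = sorted(findings, key=lambda f: (-f.ale, -f.cvss, f.id))
    plan = []
    for f in ranked:
        tier = priority_tier(f)
        plan.append({
            "id": f.id,
            "asset": f.asset,
            "owner": f.owner,
            "tier": tier,
            "ale": round(f.ale, 2),
            "rosi": round(rosi(f), 2),
            "due": (start + timedelta(days=SLA_DAYS[tier])).isoformat(),
        })
    return plan


# Constructed sample register; values are illustrative, not real findings.
SAMPLE = [
    Finding("V-1", "hr-fileshare", "hr-lead", 400_000, 0.5, 0.5, 7.5, 8_000),
    Finding("V-2", "public-web-app", "app-team", 1_000_000, 0.1, 0.2, 9.8, 15_000),
    Finding("V-3", "print-server", "it-ops", 20_000, 0.5, 0.1, 5.3, 2_000),
]


def sample_plan() -> list[dict]:
    """Plan for the constructed register, with a fixed start date for repeatability."""
    return build_plan(SAMPLE, date(2024, 1, 1))


if __name__ == "__main__":
    for row in sample_plan():
        print(f"{row['id']} {row['tier']:8} ALE={row['ale']:>10,.2f} "
              f"ROSI={row['rosi']:>6.2f} owner={row['owner']} due={row['due']}")
```

Note what the ordering shows: the web application has the highest CVSS score, but the HR file share carries five times its expected yearly loss and lands at the top with the shortest deadline, while the print server’s negative ROSI marks it as a candidate for acceptance or a cheaper compensating control rather than an engineer’s time.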
Seven Steps to Strengthening Cybersecurity Quickly
Based on the three-way cyber risk management approach outlined above, organizations can take seven simple, repeatable steps to get to a more secure state quickly.
- Define criteria for data classification (what data categories are deemed sensitive or critical) based on business context and compliance requirements
- Discover sensitive data across on-prem and cloud environments and determine where it is located
- Review who can access the data and ensure access controls are based on the principle of least privilege
- Identify and assess security vulnerabilities on systems and web applications, and prioritize these vulnerabilities based on criticality
- Identify and assess security gaps in configuration settings on operating systems used across the organization
- Create and execute risk mitigation plans based on the highest-priority systems and vulnerabilities. Mitigation and remediation actions may include patching and updating software, tweaking configuration settings, various data security actions, and notifying customers of vulnerabilities.
- Periodically repeat vulnerability, data and configuration scans, and monitor (and report on) the organization’s security posture and progress over time.
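A minimal version of steps one to three (classification criteria, discovery, access review) in working code, added here as an illustration and not code from CYRISMA or its platform. The classification rules (a US SSN-shaped string and a Luhn-checked payment card number), the sample files and their permissions are constructed assumptions for the example; a real scanner would take its rules from the organization’s own classification criteria and would cover cloud storage as well as local shares.

```python
import os
import re
import stat
import tempfile
from dataclasses import dataclass
from pathlib import Path

# Classification rules (assumed for this example): a US SSN-shaped string
# outside the known-invalid ranges, and a 13-19 digit payment card number
# written with optional spaces or dashes. Real rules come from the
# organization's own classification criteria (step one above).
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(digits: str) -> bool:
    """True if the digit string passes the Luhn checksum; this filters out
    order numbers and other long integers that merely look like cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def classify_text(text: str) -> dict[str, int]:
    """Count hits per sensitive-data category; an empty dict means clean."""
    counts = {"ssn": len(SSN_RE.findall(text)), "payment_card": 0}
    for candidate in CARD_RE.findall(text):
        digits = re.sub(r"\D", "", candidate)
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            counts["payment_card"] += 1
    return {k: v for k, v in counts.items() if v}


@dataclass
class Finding:
    path: str
    categories: dict[str, int]
    world_readable: bool   # any account on the host can read it: a least-privilege gap
    owner_uid: int


def scan_tree(root: str) -> list[Finding]:
    """Walk a directory, classify each readable text file, and record who can
    read the files that hold sensitive data (steps two and three above)."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            try:
                text = Path(full).read_text(errors="ignore")
            except OSError:
                continue            # unreadable to the scanner: skip, do not crash
            cats = classify_text(text)
            if not cats:
                continue
            st = os.stat(full)
            findings.append(Finding(
                path=os.path.relpath(full, root).replace(os.sep, "/"),
                categories=cats,
                # POSIX "other" read bit; on Windows st_mode carries no ACL information
                world_readable=bool(st.st_mode & stat.S_IROTH),
                owner_uid=st.st_uid,
            ))
    # Worst first: over-exposed files, then the files with the most hits.
    findings.sort(key=lambda f: (not f.world_readable, -sum(f.categories.values()), f.path))
    return findings


def build_sample_tree() -> str:
    """Write a constructed sample share (not real data) into a temp directory."""
    root = tempfile.mkdtemp(prefix="datascan_")
    samples = {
        "hr/payroll.csv": ("name,ssn\nAlice,123-45-6789\nBob,321-54-9876\n", 0o644),
        "finance/refunds.txt": ("refund to card 4111 1111 1111 1111\n", 0o600),
        "notes/readme.txt": ("order id 1234567890123456 is not a card\n", 0o644),
    }
    for rel, (content, mode) in samples.items():
        p = Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(content)
        os.chmod(p, mode)
    return root


if __name__ == "__main__":
    for f in scan_tree(build_sample_tree()):
        exposure = "WORLD-READABLE" if f.world_readable else "restricted"
        print(f"{f.path}: {f.categories} owner uid={f.owner_uid} [{exposure}]")
```

The Luhn check is what keeps the sixteen-digit order number out of the report, and the permission bit is what puts the payroll file ahead of the refunds file: both hold regulated data, but only one of them can be read by every account on the host, which is the access-control gap step three is meant to close.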
How CYRISMA can help
CYRISMA combines essential security scanning, assessment and risk mitigation capabilities in a single SaaS platform, helping you simplify and streamline cyber risk management within your own organization and for client organizations if you are an MSP or MSSP.
CYRISMA’s core features include (all covered under the standard pricing):
- Vulnerability Scanning and Patch Management
- Sensitive Data Discovery and Data Protection
- Secure Configuration Scanning
- Risk Quantification in Monetary Terms
- Risk Mitigation Planning and Execution
- Dark Web Monitoring
- Compliance Tracking and Active Directory Monitoring
- Cyber Risk Assessment Reporting
For more information about the CYRISMA platform, visit our platform overview page.