Automate your incident detection and response systems for a faster recovery

Mandatory data breach compliance is now enforced upon many regulated entities. The time has arrived to apply best practice and raise the bar on your cyber security and on the manner in which you protect the confidentiality of personal records and information, maintain the integrity of such records, and protect against unauthorised access to, or use of, such records or information that could result in substantial harm and embarrassment to employees, clients or stakeholders.


Financial institutions have been targeted for cyber-attack by criminals for several years and have suffered various impacts. Stakeholders who play key roles in cyber security at small banks, credit unions and financial practices, such as CIOs, IT staff, vendors and contracted specialists who procure software, manage systems, administer users, apply updates and patches, and secure networks, need to be continuously developing and improving their risk and incident management capabilities.


Examination of the current cyber threat environment shows that many firms are still slow to adopt critical cyber security enhancements. It is estimated that the threat is advancing at such a rate as to surpass the network technology, processes and tools currently in use by many firms, because those processes are static, slow and non-responsive. This supports the argument that there is a need to progress from static risk and incident management practices towards a dynamic, network centric and automated approach that encompasses the latest technology, principles and controls and that will significantly enhance the manner in which future network risk and incident management can be conducted.


Cyber security professionals have developed enabling technology such as behavioural analytics, anomaly detection, and next generation network intrusion detection and response systems, which can integrate with additional SMART technology and be paired with the real-time diagnostics capability that new cyber security solutions can provide.


Initially you should examine your own operating environment and your legal and IT security situation, then conduct a cyber risk review to identify your ICT systems’ current capabilities and vulnerabilities: first and foremost the ability to protect data and eliminate data leakage, to respond to security breaches, and to monitor real-time events during live-time scanning operations, and then the ability to meet the requirements of regulated industry and audits. Your results should be prioritised and should guide the future development and implementation of control safeguards.


Your selection of control safeguards can be formulated into a framework which fuses technology with innovative systems and processes that can be adapted and applied to your ICT systems. Remedial actions should immediately address your shortfalls to reduce vulnerabilities and improve capabilities, and it is essential that these actions are supported by a well-prepared strategy which will enable the concepts to be understood by the non-technical disciplines. By applying automated detection and response technology you can reduce the burden and complexity upon those who are at times hesitant or slow to react to incidents indicative of a cyber-attack, many of which are difficult to identify due to the covert nature of the attack.


Network Centric platforms which incorporate next generation incident detection and response systems can be tailored to match your critical cyber risk management requirements. They aim to significantly improve how you meet your responsibilities towards safeguarding information and privacy, audit and compliance, and overall network security performance. When considering your future design of a Network Centric platform you should ensure at a minimum that it includes the following processes:

  • Identifies a consistent and standardised framework for network security risk management;
  • Identifies mechanisms for applying the same frameworks to future digital and cyber security technical situations;
  • Generates a methodology that IT staff can use to relate technology to non-technical observers; and
  • Identifies the need for new specific technology and the processes for applying it.

By Simon Robinson
Subject matter expert: Media. Cyber. Intelligence Analyst.