11 Nov Preventing a cyber attack: how do you do it?
Preventing a cyber attack: how do you do it?
Cybersecurity special October 2022
The Netherlands National Communications Security Agency (NBV) of the General Intelligence and Security Service (AIVD) has published a cybersecurity strategy titled ‘Defensible network, how do you do it?’. In it, the NBV offers advice on how organisations can secure their networks. How can you prevent your organisation from being shut down by a cyber attack? We always have to stay one step ahead of hackers and other cybercriminals. The quality of your IT infrastructure is essential in preventing cyber attacks.
Use an organisation-wide approach to prevent cyber attacks
The key is taking an organisation-wide approach. Attackers only need to find one entry point. Every business process and component of the IT infrastructure should have the desired level of security. It is about more than just technology. NBV’s cybersecurity approach is based on three principles and four pillars.
- Risk-based: how can you get the right level of resilience at the right place in the organisation? The residual risk has to be acceptable.
- Assume a breach: prepare for a cyber attack with the aim of reducing the duration and damage.
- Continuous improvement: the threat to IT infrastructures is constantly changing. Anticipating this is crucial.
Cyber security approach: how do you do it?
The NBV has defined four pillars to base your approach on.
- Context analysis: analyse and decide where high resilience is essential and where lower resilience is acceptable. This will help you arrive at an effective and efficient strategy.
- Resilience: take preventive measures, such as identity & access management, segmentation and shielding, hardening and periodic testing.
- Detection: discover attacks in good time. Install nodes in your IT infrastructure that detect cyber attacks quickly.
- Damage control: be prepared to respond appropriately to a successful cyber attack.
“Our cyber security approach provides guidance on how to create a modern information security strategy and gives structure to complex security discussions,” the NBV said.
Joanknecht IT Assurance
Need help applying these principles and pillars? Our IT auditors and cybersecurity specialists are experienced with these issues. Please feel free to contact us. Together, we can determine what is necessary to ensure your organisation is cyber resilient.