|Network Security: Protect your networks from attack. Defend the network perimeter, filter out unauthorized access and malicious content. Monitor and test security controls.|
|User Education and Awareness: Produce user security policies covering acceptable and secure use of your systems. Include in staff training. Maintain awareness of cyber risks.|
|Malware Prevention: Produce relevant policies and establish anti-malware defenses across your organization.|
|Removable Media Controls: Produce a policy to control all access to removable media. Limit media types and use. Scan all media for malware before importing onto the corporate system.|
|Secure Configuration: Apply security patches and ensure the secure configuration of all systems is maintained. Create a system inventory and define a baseline build for all devices.|
|Managing User Privileges: Establish effective management processes and limit the number of privileged accounts. Limit user privileges and monitor user activity. Control access to activity and audit logs.|
|Incident Management: Establish an incident response and disaster recovery capability. Test your incident management plans. Provide specialist training. Report criminal incidents to law enforcement.|
|Monitoring: Establish a monitoring strategy and produce supporting policies. Continuously monitor all systems and networks. Analyze logs for unusual activity that could indicate an attack.|
|Home and Mobile Working: Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline and build to all devices. Protect data both in transit and at rest.|
|Set Up Your Risk Management Regime: Assess the risks to your organization’s information and systems with the same vigor you would for legal, regulatory, financial or operational risks. To achieve this, embed a Risk Management Regime across your organization, supported by the Board and senior managers.|
About Niyaz Sheikh
VP Cyber Security, Connectis Group, accredited with a Masters in Computer Applications (MCA) and a Masters of Business Administration (MBA). Trained in ISO 27001 (Lead Implementer) Information Security Management System (ISMS), ISO Lead Auditor, CISSP, CISM, CCSP, FCNSA, FCNSP, TCSE, TCNE, Microsoft Azure Certified and CEH. 15+ years of experience building managed complex secure IT operations, defining corporate security vision & strategies. Command of Cyber Security practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, incident response methodologies and implementing security procedures and protocols.