Security Strategy
Strategy must be at the heart of everything we do in IT Security.
Protecting key information assets is of critical importance to the sustainability and competency of all organisations, and the as part of national critical infrastructure, our clients need to be on the front foot in terms of their cyber preparedness.
Cyber security is all too often thought of as an IT issue, rather than a strategic risk management issue. Board level commitment is imperative.
Threats are constant, and there are many different attack vectors. It is never possible to nullify every single attack, no matter how good the underlying infrastructure. It is, however possible to prepare for such an eventuality. Planning is key to ensure that there are documented responses which can be implemented swiftly, allowing the organisation to recover in an acceptable timeframe.
By identifying the main priorities and developing action plans to support the achievement of the resulting goals, your organisation benefits from better risk management, a set of clear policies and processes, a risk-aware culture and adequate contingency plans in the event that the worst should happen.
Key Tenets of Good Strategy
The underlying requirement is that to define a robust, wide-ranging core policy.
Once this is in place develop strategies which address:
- Core network
- Wide range of devices and access methods
- Network hygiene and compliance
- Addressing legacy and unpatched systems
- Enterprise-wide user Training and acceptable use policy
