Five ways Technology, Media and Telecommunication (TMT) Organisations Can Protect Their Information
Cyberthreats continue to manifest and present a constant risk to all organisations, particularly small to medium enterprises. Obtaining personal and organisational information is a prize for malicious attackers to sell on the black market, or to use for ransomware schemes.
Technology, media and telecommunication (TMT) organisations are a target for malicious attackers given their large collection of personal information and intellectual property (IP). Most small to medium enterprises in the TMT industry find it challenging to address cyber threats due to limited resources and strained infrastructures that inadequately protect their crown jewels. It is critical for organisations to focus on their risks, as well as ensuring the highest return on investment for cyber security resources.
Unfortunately, many TMT organisations have difficulty hiring adequate resources who can fill all roles required to sustain an entire program. Most organisations are already behind on capital expense cyber security spend, resulting in a gap between what is being spent on cyber security and what should be spent. This often calls for a realignment of the overall budget.
In addition to combatting the increasing number of cyber threats, organisations are also challenged with addressing a surge of regulatory compliance. A growing number of states and countries are beginning to enact cybersecurity legislation to address the protection of information. All organisations are required to comply with the Australian Privacy Principles (or relevant state-based data protection acts) with some organisations also having to comply with the European Union’s General Data Protection Regulation (GDPR). However, many organisations have been slow to develop adequate compliance processes.
What should TMT organisations do?
To address this increasing cyber threat environment, it is important for TMT organisations to adopt a variety of measures to fortify the perimeter of their organisation while also strengthening their internal processes and systems.
While cyber resources may be in short supply, there are a variety of basic blocking and tackling efforts that can be done to strengthen information security.
Note the following five suggestions:
- Assess your information
There are three questions every organisation should be asking themselves:
- Where is my information?
- Who has access to it?
- What protections do I have in place to secure my information?
Identifying key information sets and establishing the location of this information is critical to secure it from outsiders. Given the rapid growth of TMT organisations, added acquisitions, and new employees and accounts, exercising an adequate control over information can become complicated. Organisations should assess their information, determining the type and location, and have a rigorous policy in place regarding access to the information, and then regularly monitor that access. Organisations should have systems and policies in place to address their overall risks, benchmarked against recognised security frameworks.
- Consider cyber insurance
To combat cybercrime repercussions, cyber insurance has become an effective solution that has been widely adopted across the world.
Though relatively new in Australia, the adoption rate is increasing by many small to medium enterprises in the TMT industry. While the usage of cyber insurance is gaining momentum, many executives do not have a full understanding of their coverage. It is critical that organisations understand their policies to ensure that any exposures are addressed. A periodic evaluation of the insurance policy is also required to account for evolving risks to the organisation.
- Train your people
When we work with our clients to identify and remediate their cybersecurity vulnerabilities, we frequently conduct penetration testing and social engineering to understand where immediate exposures might occur.
During this testing, we regularly uncover weak passwords that are easy to exploit. We can also illustrate how social engineering efforts are effective at preying upon users who are often the weakest element of security controls. Much of this naive user behaviour can be addressed by improved user training and oversight where unacceptable practices are challenged, and appropriate behaviours are incentivised. We have seen a significant increase in the resilience of an organisation when proper user training and management are implemented within a company.
- Move to the cloud
As TMT organisations grow, they can lose control of their information and fail to understand how much information they have and where it resides.
In response, organisations can move their information to the cloud for increased efficiency and access, as well as enhanced security. Cloud vendors’ economy of scale enables them to implement more extensive security measures and controls that are not typically realistic for some small to medium enterprises. However, before moving to a cloud solution, it is important to have a solid understanding of the type of information being stored and accessed. This will help determine the level of security required by the cloud provider. As your organisation moves to the cloud, controls that were previously required to protect environments may not be as effective. It is essential to develop a cloud security architecture that segments the infrastructure to reduce the impact should a breach occur and place restrictions on who has access to particular segments. This helps control possible entry points by unwanted intruders.
- Plan to respond
When a breach occurs, it is not the optimal time to action your neglected, outdated incident response plan (IRP) and attempt to figure out what to do next.
The IRP should be a living, evolving strategy and testing of your plan should be conducted every six months, where possible. Roles and responsibilities should be concisely listed, and action steps must be comprehensive. Evaluate the process and revise the plan as needed.
For more information on Cyber Security Tips for SME's
This article was adapted from an article published on the RSM US website on 11 October 2019.