In today's era, technology has been rapidly developed and invented to respond to the convenience of users, and security technology has continuously been developed, such as hardware or software development, to be prepared for various forms of cyber threats. However, cyberattacks are constantly changing their forms and methods, so using technology alone may not effectively protect organizations. Today, OPEN-TEC (Tech Knowledge Sharing Platform), powered by TCC TECHNOLOGY GROUP, has gathered knowledge from their consulting and implementation experiences for leading enterprises. To elevate organizations' cybersecurity, security management and implementation with the maximum efficiency are required through utilizing three main pillars: people, process, and technology as detailed shown below:
People
According to cyberattack statistics, one of the primary causes is errors or decisions made by “People” who lack knowledge in preparing for cyber threats. Organizations can prevent and reduce the vulnerability of mistakes through the following ways:
1. Awareness Training
Conducting training programs for personnel to impart knowledge and understanding of cybersecurity to reduce the chance of being attacked in various forms.
2. Specialist skills, experience, and qualifications
Skills, knowledge, and experience are significant in the field of cybersecurity, which are included:
2.1 Hard Skills
Knowledge and skills, which are directly related to work, such as programs, risk analysis, understanding in the areas e.g. IoT and cloud security, etc.
2.2 Soft Skills
Various skills, which are necessary for cooperating with others, such as external personality, attitudes, problem-solving skills, communication, emotional intelligence, etc.
3. Authorization control
The access authorization to both the computer and information system should be based on necessity and conform to basic requirements as authorized.
Process
In order to efficiently control human work and technology usage, organizations must rely on a key factor called "Process". By utilizing these processes, organizations can develop and prevent cyberattacks as shown below.
1. Management system and policies
Cybersecurity management and policy are essential principles for technology that organizations should comprehend to utilize in protecting and responding to cyber threats.
2. IT governance, risk, and compliance
To effectively drive an organization with appropriate technology, it is crucial to consider the significance of both Information Technology risk and risk from cyber threats including IT governance, IT risk management, and IT compliance.
3. Frameworks by leading security standard
Principles and practices are necessary for the organizations to be aware of, in order to prevent the damages that are caused by cyberattacks. Some of the frameworks are provided below:
3.1 ISO 27001
An international standard for information security management systems that involves risk assessment, security design, and implementation, as well as clearly specifying operational and management guidelines.
3.2 NIST
The principles and practices of risk management aim to enhance the security levels of the organizations. They include guidelines for prevention planning, detection, and response to threats in a timely and systematic manner.
4. Third-party management
Organizations can utilize frameworks of third-party management to adapt and determine cybersecurity policies in order to prevent cyber attacks.
5. Internal/External audit
An internal audit is a process that aims to review an organization's security system to ensure that it is functioning correctly and is secure for actual use. In the meantime, an external audit is a process that involves a third-party company or individual reviewing an organization's security system to ensure that it complies with relevant standards and laws and that appropriate technologies are implemented to prevent various security threats.
Technology
It cannot be denied that cyberattacks have become continuously and increasingly severe. Therefore, organizations need to select the appropriate technology to support and cope with threats promptly. For example,
1. Endpoint security, detection, and response
The process of promptly checking and detecting suspicious events is crucial for organizations to respond to threats effectively. This process involves collecting and storing data, analyzing the information, and providing rapid responses. It enables organizations to receive immediate notifications in case of an attack, allowing for rapid threat response.
2. Network, infrastructure, and platform security
The security of Network, infrastructure, and platform are the key to preventing unauthorized access by external threats.
3. Web Application Firewall
A tool to prevent attacks in various forms within the organization that filters and checks the HTTP source sent to the website to analyze abnormalities. If there is an error, it will prevent it to reduce the risk of cyberattacks.
4. Software update/patch
Updated software or programs, which are written to fix the previous vulnerabilities.
5. Assessment
Using technology to assess the risks and vulnerabilities of cyberattacks, such as:
5.1 VA scan
Assessing vulnerabilities and risks to security in-depth within the organization to identify problems and provide solutions to reduce risks.
5.2 Pentest
Assessing risks through penetration testing to find vulnerabilities in accessing systems and networks.
6. Identity and access management
Identity and access management are used to control what users can and cannot access, such as email, databases, data, and applications. The goal is to manage access so that only authorized persons can perform their work, while denying access to unauthorized persons, such as hackers.
7. Cloud security
Cloud security will help to improve the security of cloud systems by having secure gateways that can manage various cloud threats effectively.
8. Data security and protection
Data security and protection refer to measures taken to maintain data security and minimize the risk of unauthorized data disclosure.
