In light of the recent warnings around potential Iranian cyber attacks, global consulting firm Protiviti has laid out steps companies should take to protect themselves against cyber threats. Jonathan Wyatt, global head of Protiviti Digital, recommends that organisations determine to deter, identify and respond to cyber attacks.
Enhance security awareness
Organisations should continue ongoing efforts to keep employees engaged and motivated and, in view of the present environment, turn up the volume in their communications on this issue. In addition, they should increase awareness through testing for sophisticated phishing attacks and also ensure the organisation has updated information on indicators of compromise for recent attacks.
Identify the most critical systems, applications, infrastructure and third party needs to support important business services
Organisations cannot maintain and build resilience in the face of significant cyber threats unless they have a clear understanding of their environment and the most important elements that enable the business to function.
Implement mitigating controls to protect those critical technologies that cannot be patched
These technologies may include medical devices, industrial control systems and legacy applications, such as network segmentation and other solutions.
Seek and share the latest cyber threat information
Sharing of cyber threat information among businesses, as well as between Government and business, could help mitigate attacks from nation states. Companies should connect with an ISAC to ensure that they have the latest information to hand.