The term “cybersecurity” certainly has demonstrated longevity as a powerful buzzword for organizations across all industries, in all verticals.
Cybersecurity controls are critically important. The best practices and regulatory requirements associated with cybersecurity are not going anywhere. Organizations should be aware that “cybersecurity” means different things to different people. These differing interpretations can often lead to misconceptions, or even false conclusions.
There are even regulatory bodies that intertwine “cybersecurity”, “governance, risk, and compliance (GRC)”, “Information Security”, as well as a variety of other terms. Remember this: an organization can have cybersecurity controls in place and not have a comprehensive Security Program, but you cannot have a comprehensive Security Program in place without having appropriate cybersecurity controls in place.
Regardless of how any organization, agency, or regulatory body defines it, or what they call it, a comprehensive Security Program that contains cybersecurity controls is necessary to protect the operations of all organizations. This is also necessary to meet defined regulatory control requirements with which organizations are required to comply. These controls are the focus of pitfall #54 in my eBook, Security Program Pitfalls and Prescription to Avoid Them.
Your organization should ensure that your technical security solutions are continually managed to help ensure the continued security protection and operational resilience of information systems. This includes critical applications and infrastructure devices. Technical security solutions should be configured to perform in a manner that is consistent with the requirements defined in the Security Program policies, plans, and procedures that have been implemented by your organization.
Information systems should be monitored to detect attacks and indicators of potential attacks in accordance with organization-defined monitoring objectives. Your systems should be monitored to detect unauthorized local, network, and remote connections. Any identified anomalous activity should be investigated to ensure the potential impact of detected events is understood. Roles and responsibilities for detection should be well defined to ensure accountability. These activities, along with appropriate response scenarios should be addressed within your incident response plan and vulnerability management framework.
To learn more about this pitfall, and 99 more, get my book: 100 Security Program Pitfalls and Prescriptions to Avoid Them (available on Amazon here). Or register for a demo of the ASCENT Security and Compliance Portal and get a free synopsis of the 100 Security Program Pitfalls eBook today.