Prevention#

Prevention of cyber security incidents is always better, simpler and cheaper than recovering from security incidents. Think of the misery of malware or even worse ransomware.

What is Security Prevention?

Security prevention means thinking about security threats and implementing good security measurements. In this way you prevent cyber security incidents from happening.

Starting with prevention for cyber security risks means starting with one simple step:

  • Perform a risk assessment.

This means you start with the following activities:

  • Create a threat model.

  • Analyse your risk profile.

  • Take measurements to prevent security incidents from happening. Often simple solutions are the best.

Some simple prevention measurements are:

  • Secure Your Networks and Databases

  • Set up firewalls and encrypt information

  • Backup your data

  • Classify your data and secure sensitive data extra

  • Only store information of customers that is necessary

  • Conduct regular audits or just ask an expert to look at your prevention measurements.

  • Use strong authentication and good authorization schemas for access.

  • Keep your software and systems up to date.

  • Educate Your Employees

  • Follow cyber security news to stay alert. A nice cyber news blog is e.g. the Open Security News Overview

  • Use only solutions that you understand.

  • Use only cyber security solutions that you can manage

Note

The holy grail does not exist. Do not trust commercial solutions that claim to protect you against all cyber risks. The holy grail does not exist. This is way we created this Security by Design playbook. To help you free of cost

Tip

Read more: Check some simple solutions from the Security Reference architecture.

Simple prevention measurements#

For many companies time, money and resources are limited. Prevention can be simple and directly effective. So below are some simple prevention measures that will help.

  • Application whitelisting: Windows (and Macs) are intended to be easy to use and, by default, the user can install and run almost any application. Application whitelisting allows only authorised software applications to run on your computer. No other software is allowed to run. This approach is restrictive for some power users, but most users use a small set of applications to complete their tasks. A wider selection is often simply not needed.

  • Patch applications. Many applications are regularly updated to address security vulnerabilities as they become apparent – quickly and regularly updating (or ‘patching’) the software will remove a key means by which cyber-security attacks are carried out.

  • Patch operating systems. As with applications, security weaknesses are often discovered in operating systems. Again, quickly and regularly updating the operating system defends against most cyber-security attacks. The WannaCry attack in 2017, for example, took advantage of a vulnerability that had been patched for nearly two months.

  • Restrict administrative privileges:

  • Disable untrusted Microsoft Office macros

  • Multi-factor authentication. Although having a strong password is an assumed requirement, multi-factor authentication means that the user requires another ‘factor’ in addition to the password for their account (particularly for ‘privileged actions’ on the computer such as installing software).

  • Daily back-up of important data. Make Offline backups that cannot be encrypted by malware or ransomware. This is a key corrective control that stops the malware from encrypting your ‘live’ data as well as the backed-up data.

  • Prevent untrusted code to be run. Despite the many technologies like sandboxing around, the most important and simple measurement is: think! And think again. Security by Design is thinking from different views to be better protected. Be aware of attachments and downloads of strangers.