Cyber Security measures use various Cyber Security frameworks, Technology Controls depending on the size of the business to maintain BAU. Various government bodies in different geographic regions have defined control frameworks including:
- NIST – National Institute of Standards and Technology; a non-regulatory agency of the U.S. Department of Commerce. Its mission is to promote innovation and industrial competitiveness. Its Cybersecurity Framework consists of standards, guidelines, and best practices to manage cybersecurity-related risk; its 19 control families contain 285 controls.
- ISO 27001– Best known part of the ISO/IEC 27000 family of standards; provides requirements for an information security management system (ISMS), a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes, and IT systems by applying a risk management process.
- COBIT – Control Objectives for Information and Related Technology; manual for IT Governance, for guaranteeing security, quality and compliance in information technology
- ITIL – Control Objectives for Information and Related Technology; manual for IT Governance, for guaranteeing security, quality and compliance in information technology
- Essential 8 – implementation of strategies can be cost-effective measure to prevent adversaries to compromise systems
In Addition to the above frameworks, there are certain technology controls that are help prevent Cyber Attacks.
- Advanced Fraud Detection
- Cloud Security
- Data and Application Security
- Endpoint Security
- Identity and Access Management
- Mobile Security
- Network Security
- Security Analytics
- Threat Intelligence
There are some basic practices and technology controls that can help implement Cyber Security measures at a bare minimum level. There is no single strategy that can prove to be a complete protection against the Cyber Crimes, but the below practices can however reduce the chances of Cyber Attacks and helpful in mitigating the most common IT Risks.
- Usage of Strong Passwords
- Password Rotation Policy
- Control Access
- Implement Web-Filtering
- Install / Enable Firewalls
- Secure WI-FI Networks
- Secure IT Gadgets
- Implement Multi-Factor Authentication
- Back Up Data Regularly
- Educate Users on Cyber Security
- Cyber Crime Insurance Policy
