Build a Cyber Security plan for 2024

As the digital world continues to evolve and expand, an effective cyber security plan is more important than ever. With the prevalence of cyber threats and attacks on the rise, businesses and organisations must take active steps to protect their data and systems from these malicious intrusions. Developing an effective cybersecurity plan for 2024 can help safeguard against the growing risks of cyberattack and other malicious activity.

With the rise in cloud solutions and remote working, IT environments and networks are more vulnerable to cyberattacks than ever before. These cyber threats don’t just impact large, corporate organisations. Every week we hear about small businesses and even schools being targeted by malicious activity, such as data breaches and ransomware attacks. This article will outline the steps you should be taking to increase your cyber security in 2024.

Why should you be prioritising your Cyber Security?

The most crucial step in protecting yourself from intruders is being aware of risks and taking necessary action. While it's impossible to stop every attack, it's important that any cyber threats are thwarted as soon as possible, or if the worst-case scenario happens, that it is as difficult as possible for the attacker to access your most sensitive data.

It’s also vital you have a cyber security plan in place for your action and response in the event of a successful breach of your defences. Your response to a cyberattack can influence your future, as we see more and more fines issued for incorrect data protections as well as diminished brand trust for those unfortunate enough to have lost their customers’ most sensitive information.

A well-thought-out cyber security plan can help your business and it’s employees prepare for the worst, but also give everyone a sense of confidence that they know what to do in response to a threat.

The 6-step Cyber Security Plan for 2024

1. Identify your risks
2. Identify your legal obligations and policies
3. Prioritise your assets and technologies
4. Utilise technologies and partners
5. Train your internal users
6. Test and monitor your progress

1. Identify your Risks and Likely Attack Surface

Step one in your 6-step cyber security plan is to build an understanding of your business or institution, including all its assets, and its likely route of attack. In other words, you need to know what you have to protect, and all the possible routes an attacker could take in order to access those assets.

There are several common attack vectors within your attack surface, and we’ve listed some of them below:

• Insiders – You’ve probably heard the term “inside job” whenever you’ve heard about something suspicious happening to a popular brick-and-mortar business in your area. It’s vital that you know the risk that comes from your internal users, whether that be a disgruntled employee or someone new, with potential ulterior motives for being there.

• Misconfigured networks and solutions – We recently discussed the reasons why organisations should consider Managed WiFi for their offices and buildings; one of those reasons was the common misconfiguration of entire WiFi networks. Misconfigurations of networks, or even solutions commonly used for your productivity, file storage and communication, are a major attack vector that hackers and malicious users look to take advantage of.

• Outdated software and firmware – A major concern for any business or educational institution should be its software and firmware. Whether this be databases, router firmware, or operating systems, they need continuous maintenance to ensure they are updated and protected against new threats.

• Untrained employees – Training is a key element when it comes to risk. One uninformed employee could potentially be the key to your entire security plan being unlocked. Your plan is only as effective as the cyber security practices in place and that includes your employees’ knowledge.

These are just a few of the potential risks and attack surfaces that could be targeted within your organisation. To really know what you need to consider, you should take an in-depth look at every vector within your infrastructure, or commission a third-party company to do this on your behalf (like us!). They will be able to run tests and assessments to fully expose any areas of concern.

2. Identify your Legal Obligations and Policies

Every business and institution will have its own legal obligations and policies that make it compliant with local industry and government legislation. This includes data protection, privacy compliance and industry-specific policies that must be upheld to implement best practices and also avoid large business-ending punishments.

Before prioritising your risks, threats, and solutions, you should be fully aware of your legal obligations in order to understand what you can and can’t do, and also how your cyber security plan should account for them. They will have a big influence on the potential tools and solutions that you can utilise.

3. Prioritise your Assets and Technologies

Once you’ve carried out steps 1 and 2, you should have a comprehensive understanding of your organisation’s assets, its obligations, and its route of likely attack from malicious activity. If you do, then it’s time to begin developing your prioritisation list.

During this phase of your cyber security plan, you’ll need to work with key stakeholders within your organisation to determine which assets should be prioritised for protection, while also determining the level of risk that is posed to them. A simple risk assessment can be used in order to carry out this stage.

The things to consider at this stage of your plan are:

• What are the risks and threats to our assets?
• What data could be exposed?
• What are the negative outcomes of the risks/exposure?
• What is the potential of the risk (is it high risk/low risk etc)?

Once you have successfully carried out this analysis, you’ll be able to effectively draw up a list of solutions and technologies that can help you to protect your assets and data.

4. Utilise Technologies and Partners to Developer your Plans and Policies

As a managed service provider, we understand the complexities of organisations can be huge, and you may not have the staff, skills, and experience to effectively carry out either the previous steps, or the following ones. That’s why it may be wise to identify potential third-party providers who can assist you with your entire cyber security plan.

In 2024, we have endless technologies that can be used to carry out either protection of your assets and risks, or even to analyse your entire infrastructure, networks, employee behaviour, and threats using artificial intelligence (see our recent DarkTrace article to see an effective AI solution).

Because these technologies vary in cost, we understand that they may not be suitable for everyone, but a trusted cyber security provider will be able to assess your requirements and find cost-effective solutions for your needs.

A cyber security plan can only ever be as effective as the people implementing it, and that’s why one of our key recommendations for an effective plan in 2024, is to ensure your plan is analysed and implemented by people with the necessary skills.

If you’re keen to give it a go yourself, try considering the following outline in your cyber security strategy:

• An Event – this is an event that takes place, which exposes your assets and data to a malicious and unauthorised party/user.
• Your Response – This should be your worst-case scenario, disaster response plan. Make sure to document your response actions.
• Analyse the Attack – Understand how an attack took place, what it targeted and what it successfully exposed.
• Mitigating Circumstances – Decide how your actions following an attack and, in the future, will aid in the prevention of attacks and threats.
• Who’s Responsible? – Make sure your plan and strategy fully details who is responsible for what actions and assets within your organisation.

Once you have your strategy, you should detail your disaster response plan and consider the following stages:

• Analyse and Prevent – Analyse the type of cyber attack, its scope and the impact it could potentially cause if left without action.
• Detect and Contain – Detail your detection protocol for recognising malicious activity, and then outline how to contain the activity to ensure it spreads no further.
• Respond and Remove – Consider how you’ll disable the attack’s capabilities and remove it entirely from your infrastructure.
• Recover – Restore your assets back to their original health, resume normal organisational operations, while reducing the risk of a repeat attack.

Once you have detailed your strategy and plan, ensure this is communicated to those who will benefit from it. Move on to step 5 to ensure everyone inside the organisation is clued up.

5. Train your internal users

Employees, contractors, or students may not intend to put your organisation’s network or data at risk of a cyber attack, however, a lack of training, knowledge and skills can create a threat surface.

At its most basic level, a simple phishing email can unlock your network by gaining unauthorised access via basic login credentials, and with new threats being produced and recognised almost hourly, it should be a huge aspect of your cyber security plan for 2024, to ensure your users are kept updated and tested on best practice.

Your internal users are your first line of defence when it comes to prevent and identifying malicious activity. You can implement various types of training, but whichever method you choose, ensure it happens regularly and becomes part of your on-boarding process for new users.

6. Test and Monitor your Progress

You may well consider this the “fun part” of the process, but it’s also one of the most important. At this stage you should have fleshed out your business’ assets, risks, and attack surface, as well as your strategy for on-going cyber security, your response plan, and your training plan, but now it’s time to put it to the test.

We recommend working with a professional security provider for this stage, if you haven’t already, in order to analyse the effectiveness of your solutions and any further weaknesses.

You should consider penetration testing, ethical hackers and dark web monitoring, in order to test out whether your data is accessible or has been shared amongst malicious networks. The outcome of this stage is to identify all of the above, before a cyber attacker does.

Consider these types of tests when discussing them with your provider:

• Internal – The simulation is carried out from an internal employee’s perspective, connected to organisation’s internal network.
• External – In this simulation, the test is carried out from an external standpoint, trying to break through the organisation’s external-facing security solutions, websites, and servers.
• White Box – In this scenario, the testers are supplied with prior knowledge regarding the organisation’s sensitive information, and in turn, they use this to try to access it, looking for specific areas and weaknesses in the route.
• Black Box – This is a “blind” test scenario where the tester is given absolutely no information other than the name of the organisation.

The Next Steps

A third-party security provider will be able to assist you with every stage of building your cyber security plan, and may even recommend further stages, and more detail in each. This overview is designed to get you thinking about the basic principles of building an effective cyber security plan for 2024.

With this information in mind, you should be well on your way to protecting your organisation’s sensitive data and assets, however, if you’re still struggling with any aspect and you’re looking for a team who can help you implement anything we’ve mentioned above, why not reach out to us and have a chat about your requirements so we can assist you in implementing effective cyber security solutions and plans.