CYBERSECURITY MEASUREMENT

The Measurement for Information Security program develops guidelines, tools, and resources to help organizations improve the quality and utility of information to support their technical and high-level decision making.

Security Measure means a way to manage a security risk, protect the Informational Resources and/or prevent any Security Event, whether such method is technological, physical, administrative, technical, procedural, legal or any other means. A Security Measure can include, without limitation, a policy, procedure, standard, controls, hardware, software, firmware, organizational structure or any technological or physical tool.

This definition is the easiest in that it is the most rigorous – there are four conditions for a function to be a metric (we shall remain firmly uninterested in these axioms) and inadmissible candidates can easily be rooted out. In business practice, a metric is defined much more loosely. The online “Business Dictionary” defines metrics as “Standards of measurement by which efficiency, performance, progress, or quality of a plan, process, or product can be assessed”.

Every organization in Nigeria is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy.

Common Cybersecurity Measures:

Use strong passwords: Strong passwords are vital to good online security. Make your password difficult to guess by:

  • using a combination of capital and lower-case letters, numbers and symbols
  • making it between eight and 12 characters long
  • avoiding the use of personal data
  • changing it regularly
  • never using it for multiple accounts
  • using two-factor authentication

Create a password policy for your business to help staff follow security best practices. Look into different technology solutions to enforce your password policy, e.g. scheduled password reset. For detailed guidance on passwords, read the National Cyber Security Centre’s (NCSC) guide on using passwords to protect your data and consider different password strategies that could boost your business security.
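One way a business could enforce the rules listed above in software, shown as an added example that is not part of the original page. The function names, the 90-day rotation period and the sample user data are assumptions made for illustration; the length range is the one given in the list.

```python
import hashlib
import hmac
import re
from datetime import date, timedelta

# Assumed policy values: the length range comes from the list above; the
# 90-day rotation period is a constructed figure for this example.
MIN_LEN, MAX_LEN, MAX_AGE = 8, 12, timedelta(days=90)

def _digest(password: str, salt: bytes) -> bytes:
    # Slow salted hash so the stored history never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_password(password, personal_data=(), history=()):
    """Return the list of policy rules that `password` breaks (empty = pass).

    personal_data: strings such as a name or birth year tied to the user.
    history: (salt, digest) pairs for passwords the user already uses.
    """
    problems = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        problems.append("length")
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    if not all(re.search(c, password) for c in classes):
        problems.append("character mix")
    lowered = password.lower()
    if any(len(p) >= 3 and p.lower() in lowered for p in personal_data):
        problems.append("personal data")
    if any(hmac.compare_digest(_digest(password, s), d) for s, d in history):
        problems.append("reused")
    return problems

def is_expired(last_changed: date, today: date) -> bool:
    # "Changing it regularly": flag passwords older than the rotation period.
    return today - last_changed > MAX_AGE

# Constructed sample data, not taken from the page.
_salt = b"constructed-salt"
SAMPLE_HISTORY = [(_salt, _digest("Tr4vel!Mug7", _salt))]
SAMPLE_USER = ("Amina", "Bello", "1988")
```
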

Control access to data and systems: Make sure that individuals can only access data and services for which they are authorised. For example, you can:

  • control physical access to premises and computer networks
  • restrict access to unauthorised users
  • limit access to data or services through application controls
  • restrict what can be copied from the system and saved to storage devices
  • limit sending and receiving of certain types of email attachments

Modern operating systems and network software will help you to achieve most of this, but you will need to manage the registration of users and user authentication systems – e.g. passwords. For more information, read NCSC’s introduction to identity and access management controls.

  • Put up a firewall: Firewalls are effectively gatekeepers between your computer and the internet. They act as a barrier to prevent the spread of cyber threats such as viruses and malware. It’s important to set up firewall devices properly and check them regularly to ensure their software/firmware is up to date, or they may not be fully effective. Read more about firewalls in server security.
  • Use security software: You should use security software, such as anti-spyware, anti-malware and anti-virus programs, to help detect and remove malicious code if it slips into your network. See our detailed guidance to help you detect spam, malware and virus attacks.
  • Update programs and systems regularly: Updates contain vital security upgrades that help protect against known bugs and vulnerabilities. Make sure that you keep your software and devices up-to-date to avoid falling prey to criminals.
  • Monitor for intrusion: You can use intrusion detectors to monitor systems and unusual network activity. If a detection system suspects a potential security breach, it can generate an alarm, such as an email alert, based on the type of activity it has identified. See more on cyber security breach detection.
  • Raise awareness: Your employees have a responsibility to help keep your business secure. Make sure that they understand their role and any relevant policies and procedures, and provide them with regular cyber security awareness and training. Read about insider threats in cyber security.

You can use the National Cyber Security Centre’s (NCSC) free Check your cyber security service to perform a range of simple online checks to identify common vulnerabilities in your public-facing IT.


Copyright © 2023 sobanjointernational.com All Rights Reserved