Developing cybersecurity strategy for your organization can be overwhelming. Sometimes, your best bet in tackling a complex task can be using a military approach. That’s where the Israeli Intelligence Corps Unit 8200 comes in. The 8200 Unit is globally recognized as an elite, high-tech agency. It is also the largest single military unit in the Israel Defense Forces.
We asked former members of the 8200 Unit some of the most common cybersecurity questions. Here’s what they had to say:
FORMER LIEUTENANT OFFICER IN IDF’S INTELLIGENCE CORPS ANSWERS
1. What’s the most common mistake you see people make that leaves them or their organization vulnerable?
The most common mistakes I see people make are: being tempted to click links or open phishing emails, mistreating confidential information and documents, misconfiguring security controls, not updating/patching software and hardware, and lastly, not investing in training.
2. What kind of metrics can be used to assess how prepared my organization is for a cyber threat? How do we benchmark our performance?
This is a bit tricky, as it is specific to the industry and organization. Overall, you can assess the employees, business and security process and procedures, and security.
Some benchmarks for success can include:
- Efficiency and effectiveness of the the cyber incident procedures and response time
- Education and training – for example measuring cyber literacy and digital hygiene.
- Risk survey and Penetration tests.
- Validation of SIEM rules.
- Manage and monitor indicator of compromise lists and use real-time intelligence.
All of which should be benchmarked in accordance with the relevant industry and best practices and standards (ISO, NIST).
3. How often should a security assessment be conducted?
There are several factors that can affect the frequency of assessments as regulation and compliance requirements, such as being part of a vulnerable sector or industry. Overall, each organization should identify the threshold between business continuity and security assessment.
RETIRED CAPTAIN OF ISRAELI SECURITY FORCES ANSWERS
4. How can IoT security threats be mitigated?
The number of Internet-connected devices has become enormous in recent years, with more than 20 billion Internet connected IoT devices today. There are estimates that this number will be 75 billion by 2025. Not surprisingly, cyber-attacks on IoT devices are also on the rise.
At the organizational level, mitigation of IoT security threats should be addressed in 3 different ways:
- Restrict the usage of IoT devices in sensitive locations (specific networks, physical locations, teams, etc.).
- Be aware of possible IoT cybersecurity threats and address them in the organizational cybersecurity plan.
- Educate employees about related IoT cybersecurity threats.
5. How often should my employees be tested on cybersecurity knowledge and skills?
Ideally – at any given time. A study conducted by the University of Maryland revealed that a cybersecurity attack occurs every 39 seconds on average and that more than 60% of organizations have admitted to being affected by a cyber-attack last year. This means that your organization can potentially become a victim of a cyber-attack at any time.
In reality, it’s impossible for most organizations to train their employees on a daily basis. Most related rules and regulations require employees to be trained and assessed upon hiring and on an annual basis. A comprehensive training program would be based on the above principals and will consist of an onboarding training program for new recruits as well as annual training and assessment for the entire company.
Another important component that a cybersecurity training program should include is monthly or weekly updates about emerging cybersecurity threats and methods to identify and stay protected from them.
6. What should I be doing for employee education in cybersecurity?
An employer should choose an efficient program that will be customized to different employee groups, according to their current knowledge level and their required level of cyber expertise, and will focus on practical tools and hands-on experience in personal cybersecurity.
A self-paced solution, such as an E-learning training platform, with the ability to track and monitor the progress of the employees, can allow your employees to acquire the necessary tools and knowledge while maintaining business continuity and not affecting the company’s activity.
The Bottom Line
There’s no room for error when it comes to defending your organization’s assets and information. As a result, cybersecurity should be an ongoing priority. Following these common cybersecurity practices can help ensure there are no gaps in your defenses.
We understand that managing your organization’s cyber risk is not an easy feat. Connect with Cybint to learn about our solutions and how they can fit your organization.