Step 2: Identify a target maturity (this is not what you think is realistic to achieve, but rather the risk associated with exposure to more sophisticated attacks given the nature of your systems and data requirements) Step 1: Review the key elements of the model As discussed, there are four maturity levels (level 0 – level 3) within each control – focussing on these controls and building your maturity to a level that fits your risk profile will go a long way to safeguard your business from cyber-risk. How you can implement Essential Eight in 5 stepsĪCSC Essential Eight is summarised in the diagram below. The framework is simple and guides you through four maturity levels – each step up caters to protection against a more sophisticated attacker. You may wonder how you can protect your business sufficiently when unlike enterprise companies, you cannot have an entire teams devoted to managing cybersecurity.įor SMBs, we recommend the guidance as detailed in the ACSC Essential Eight Maturity framework. As long as they are getting away with it, it will continue. With the primary motive to make money, it is easy to see why ransomware is such a popular method of attack. Your hard-earned dollars – Cybercriminals mostly target companies for profit, particularly in New Zealand. Enterprise organisations are usually harder to breach, making the smaller business partner a viable target to get into the systems of the enterprise client. Your links to larger companies – we live in a world where businesses are digitally connected to each other for a variety of reasons – manage supply chains, share information, complete transactions etc. Your valuable data – hackers know that even SMB data is easy to profit off on the Dark Web – do you hold medical records, credit card details, bank account details or perhaps proprietary information? The crims either use it themselves to get into bank accounts and commit fraud or they sell it to other criminals. SMBs perform services to enterprise level companies and have some form of access to their systems e.g., an HVAC contractor delivering services to a large retail chain was hacked and their access used to breach the retailer. Actually, some of the biggest data breaches start out at smaller businesses. How to protect your Small / Medium business from cyber-attackĩ7% of New Zealand Business is categorised as SMB, but how at risk are SMBs really? Whilst the headlines are usually filled by hacks involving large companies, don’t be fooled into thinking that cybercriminals discriminate by size.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |