Cyber Security Strategy: Step 3 – Detecting and Identifying a Breach

Step 3: Cyber security strategy: Detecting and identifying a breach

The frequency of cyber-attack is increasing. Almost every week we read in the news about a company that has fallen victim to cyber criminals. While it might seem strange, security breaches can go unnoticed. They can also be overlooked by employees who don’t recognise them for what they are. Not all cyber-attacks come with a pop-up message that tells you you’re under attack or being held to
ransom. Many are more subtle than that.

A good cyber security strategy will define what a ‘cyber security incident’ is as it relates to your organisation.  It should include some examples of the types of attack that have the potential to occur so that staff recognise an attack when one happens.

In addition, it should categorise the different types of attack, such as:

  • brand abuse
  • data loss or theft
  • denial of service
  • malicious code attack
  • social engineering
  • unauthorised access
  • unauthorised usage and fraud.

While you can’t know the potential impact of the attack and will always need to take steps to minimise and contain that impact, categorisation can help to define what your first step is.

Empower Your People

Having written your definition and categories list, next you must raise awareness and train your staff.  Knowing what to do in the event of an attack is just as important as knowing you’re under attack.

Make sure every staff member is clear on the role they have to play.  It is essential they understand that cybercrime isn’t just an issue for the IT team. Everyone is at risk and can help in its prevention and management.

Establish a clear system for reporting an attack. Make known the key contacts and steps to take. For example, publicise a phone number for use in emergencies, an email address for informal reporting or queries, and a web-based form for formal reporting.

Use Technology To Your Advantage

Will the technology you have in place advantage or disadvantage you in the event of a cyberattack? Anti-virus solutions are not sufficient protection, and it’s about much more than simply having the latest and greatest of everything.

Establish the right detection tools and tune them to inputs that put you in the picture of current and past events.  This will give you the best chance of stopping an incident in its tracks or tracing the incident right to its origin.

You should also have a lot of other information available to you that can help create rules and trends and detect unexpected or invalid traffic. For example, you can use:

  • Intrusion detection
  • Data Loss Prevention
  • Rights Management
  • Tracking
  • Mobile Device Management
  • access logs to servers and appliances
  • operational logs from systems
  • firewall policy logs.

Take action, and take it now. If you’re not sure where to start partner with a trusted IT partner, someone with expertise in cyber security who you can trust to set you on the right path.

Further Reading:

Cyber Security Strategy Step One – Identify Your Assets

Cyber Security Strategy Step Two – Protect Your Assets

Cyber Security Strategy Step Four – Responding to and Recovering from an Incident 


Contact Us

This field is for validation purposes and should be left unchanged.

Find out how we can help with your IT challenges.

About the author:

Picture of Ash Klemm

Ash Klemm

Ash has over 20 years of experience in sales and marketing. His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow. After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need. His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder. His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.
Scroll to Top