The ever-changing cybersecurity landscape presents new challenges and necessitates robust strategies for organizations worldwide. The Infosecurity Europe 2015 keynote by Dave Clemente and panellists Chris Gibson, Tom Mullen, and John Townsend reveals critical approaches in cybersecurity management. Therefore, this paper explores three strategies the video focuses on, their application to various organizational structures, and specific recommendations to Wilmington University.
Three strategies focused on the video.
Strategy 1: Preparation and planning
Preparation and planning are critical to any effective defence mechanism in the cyber realm. Chris Gibson underscored the imperative to be active instead of reactive. Organizations should not wait for an attack to happen so that they start asking themselves, “Now what?” Instead, it should be an every-now-and-then scenario of planning and regularly exercising the different cyber-attack scenarios (Infosecurity Europe, 2016). This approach ensures that in case an actual incident occurs, the response team knows what measures and procedures should be appropriately implemented to mitigate the impact.
Strategy 2: Incident Handling Processes
Another important strategy is the development and improvement of incident-handling processes. The approach includes coping with national-scale cyber incidents and how daily cyber threats are handled. This means a substantial incident-handling mechanism through which organizations can promptly spot, analyze and respond to cyber threats, preventing them from escalating to severe issues (Infosecurity Europe, 2016). This is about making a culture of sustained monitoring and rapid response to system disparities.
Strategy 3: Situational Awareness
Situational awareness is key in the cyber domain. It requires understanding the cyber environment, the possible threats that could take place, and the condition of one’s defence so as to give informed and strategic approaches to responding to cyber incidents (Infosecurity Europe, 2016). This is where the relevance of Gibson’s advice to monitor open sources and keep abreast of news stories comes in. This would involve understanding not just the technical monitoring but also the geopolitical and social contexts that may have a bearing on a cyber threat vector.
Organization recommendations
Multi-site Global Business: A multi-site global business needs a centrally coordinated incident response team complemented by regional sub-teams to operate responsively with agility in response to threats within the stipulated time zones and jurisdictions (Balber et al., 2022). Adding a global threat intelligence platform will enhance situational awareness and orchestrate the response to an incident.
US Mid-sized Business – Central Office: One way a US mid-sized business can secure itself against cyber threats is by training employees on cybersecurity awareness. Such a business could be well secured from cyber-attacks by consistently updating the incident handling process to reflect new threats (Balber et al., 2022).
Global Non-profit: For a global non-profit, there has to be a top priority in sharing threat intelligence and best practices through partnering with cybersecurity firms and other non-profit entities (Balber et al., 2022). This can further be complemented by leveraging cloud-based security services so that better access and means are available, which can enhance their capability in cyber defence at the least cost possible.
Recommendation for Wilmington University
For Wilmington University, cyber security is not supposed to be a course offered in the curriculum but rather integrated to a scale whereby it identifies the culture. This integration may entail periodic cybersecurity drills for students and staff and workshops run by cybersecurity experts to keep everybody informed about the new threats and defences (Chin, 2023). Also, a unique university team for cyber case response should be established, along with tools and information specifically intended to handle incidents related to a potential cyber case.
In conclusion, from the strategies discussed above during Infosecurity Europe 2015, there is a keen realization of proactive, prepared, and aware strategies that are highly needed in the face of cyber threats. Organizations implementing these strategies will transform their cybersecurity posture and significantly reduce the risk and impact that cyber-attacks can have. In this context, the strategies mentioned above safeguard the digital assets of Wilmington University, and the students are being readied in a manner that will allow them to face the same scenarios in their professional lives, understanding the world of cybersecurity better.
References
Infosecurity Europe. (2016). Infosecurity Europe 2015 – You’re Under Cyber-Attack. Now What? Www.youtube.com. https://www.youtube.com/watch?v=G2B5p7oIQxk
Balber, S. S., O’Donnell, J. J., & Freehills2015-03-23T14:59:00+00:00, H. S. (2022). Top 10 things to do when responding to a cyber security incident. Strategic Risk Global. https://www.strategic-risk-global.com/top-10-things-to-do-when-responding-to-a-cyber-security-incident-/1413251.article
Chin, K. (2023, September 15). How Colleges & Universities Can Prevent Ransomware Attacks | UpGuard. Www.upguard.com. https://www.upguard.com/blog/how-colleges-and-universities-can-prevent-ransomware-attacks
write