Keep your enterprise secure and productive with the right cyber response strategy


July 6, 2023
Microsoft Australia

After identifying and assessing your cyber risks, you now need to treat them. Your organisation’s risk appetite will be a prime factor in deciding how to handle your cyber risks for the best trade-offs between levels of protection and budget. After deciding whether to avoid, mitigate, transfer, or accept risks, you’ll need to implement your cybersecurity in a way that keeps your organisation secure without sacrificing productivity. The Australian Cyber Security Centre (ACSC) has defined prioritised mitigation strategies to achieve suitable cyber defence. In addition, Microsoft has solutions to help you do this, as well as practical tips and advice.

Deciding how to deal with cyber risk

If you’re at the stage of cyber risk response for your organisation, you’ve already done the work to identify your cyber risks and to analyse and assess them. Now you want to know: how do you deal with them?

Enter risk response or the process of treating and controlling risks. It’s up to you and your organisational stakeholders to decide on and plan the treatment of each cyber risk of importance, using your organisation’s risk appetite as a tool to help you figure out the right approach.

4 forms of response to cyber risk

There are essentially four ways to treat cyber risk:

  • Avoid it
    Risk doesn’t just disappear. However, you may have the option of not needing to face it. For example, by moving to password-less access for your users, you can avoid the risk of password hacking. Multi-factor authentication (MFA) and single sign-on (SSO) can provide effective protection while offering a good user experience.
  • Mitigate it
    Some risks can be reduced. Given that risk = size of impact × probability of impact, diminishing one or both of these factors will lower the risk. Thus, cybersecurity education campaigns can reduce the risk of phishing attacks by making them less probable.
  • Transfer it
    Insurance companies now offer policies for insurance against cyber risks of different kinds, including data breaches and unavailability of assets. As you might expect, there are often strict conditions attached, including proof that assets have been properly secured beforehand.
  • Accept it
    Low risks may be acceptable without any further action, especially if they cost more to treat than the cost associated with their materialisation. Thus, that donut-counting application in your cafeteria, with its low impact and low probability of impact, may represent a risk so low that your time, effort, and budget are clearly better invested elsewhere.

Collaboration is key

Effective cyber response also needs good collaboration, internally and externally. Inside your organisation, develop relationships and discussions with management to show how suitable cyber response can help favourable business outcomes. Define cybersecurity policies and processes with the same goal in mind, ensuring they make sense to users and achieve a suitable balance of cyber protection and flexibility. Outside your organisation, share threat intelligence information with others in your sector, so that everybody wins.

Frameworks and tools for cyber response

The Australian Cyber Security Centre (ACSC) has defined strategies to help cyber security staff across industry sectors to mitigate cyber security incidents. The 37 prioritised strategies are organised in 4 groups with a suggested order of implementation.

Microsoft solutions for cyber risk response include:



This post was written by Microsoft Australia