Why do Organisations fail Cyber Essentials? - the DISA (thedisa.org/docs/cyberEssen/DISA Cyber...)

Date post: 27-Dec-2018

intelligence driven security

© MASS. All rights reserved.

Why do Organisations fail Cyber Essentials?


INTRODUCTIONS

Andy Lawson CISSP SCCP

Cyber Essentials Technical Assessor (IASME) / MOD Accreditor (DAIS)
NCSC Certified Professional (CCP)
Senior Security & Information Risk Advisor / Senior IA Auditor


CYBER ESSENTIALS

Clear statement of basic controls that organisations should implement to mitigate the risk from common internet-based threats.

Mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken essential precautions against cyber risks.

All new MoD contracts to stipulate that suppliers are Cyber Essentials Scheme compliant.


CYBER ESSENTIALS

A set of 5 key controls which will provide cost-effective, basic cyber security for organisations of all sizes:

“80% of cyber attacks could be prevented if businesses put simple security controls in place”. (GCHQ, 2015)


CERTIFICATION PROCESS

Cyber Essentials (Stage 1).

Certification is awarded on the basis of an independently verified self-assessment. Organisations assess themselves against the five basic security controls.


CYBER ESSENTIALS STATISTICS

[Chart: Top 10 Sectors Using CE. Values shown on the chart: 26%, 25%, 23%, 5%, 5%, 5%, 4%, 3%, 2%, 2%. Sectors listed:]

Professional, scientific and technical

Information and communication

Other service activities

Financial and insurance

Charity (Registered)

Manufacturing

Administration and support services

Education

Public administration and defence

Human Health and Social Work

Source: IASME


CYBER ESSENTIALS STATISTICS

[Chart: Key Reasons for Automatic Failures. Values shown on the chart: 31%, 31%, 21%, 17%. Reasons listed:]

Security Policy

Current Risk Assessment

Regular Updates to OS

Risk Assessment Approved

Source: IASME


CYBER ESSENTIALS STATISTICS

[Chart: Top Non-Compliances. Values shown on the chart: 9%, 15%, 7%, 23%, 21%, 13%, 11%. Non-compliances listed:]

Malware protection not run daily

Endpoint malware not run daily

Firewall passwords not changed regularly

Admin accounts used day to day

Admin account password not changed regularly

2FA on remote access terminals

Firewall remote access not accredited

Source: IASME


COMMON FAILURE POINTS

[Chart: Top 10 Common Failure Points. Values shown on the chart: 6%, 6%, 8%, 8%, 8%, 8%, 11%, 14%, 14%, 17%. Failure points listed:]

Updates Regular Applications

Asset Identification

Description of Locations

Device Firewall in Use

Malware Protection on Computers Auto-Update

Malware Protection on Mobile Devices Installed

Firewall Rules by You

Description of Information Systems

Description of Network Boundaries

Office Firewall Password Change


The sales pitch …..