
intelligence driven security

© MASS. All rights reserved.

Why do Organisations fail Cyber Essentials?

INTRODUCTIONS

Andy Lawson CISSP SCCP

Cyber Essentials Technical Assessor (IASME) / MOD Accreditor (DAIS)
NCSC Certified Professional (CCP)
Senior Security & Information Risk Advisor / Senior IA Auditor

CYBER ESSENTIALS

Clear statement of basic controls that organisations should implement to mitigate the risk from common internet-based threats.

Mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken essential precautions against cyber risks.

All new MoD contracts to stipulate that suppliers are Cyber Essentials Scheme compliant.

CYBER ESSENTIALS

A set of 5 key controls which will provide cost-effective, basic cyber security for organisations of all sizes:

“80% of cyber attacks could be prevented if businesses put simple security controls in place”. (GCHQ, 2015)

CERTIFICATION PROCESS

Cyber Essentials (Stage 1).

Certification is awarded on the basis of an independently verified self-assessment. Organisations assess themselves against the five basic security controls.

CYBER ESSENTIALS STATISTICS

Top 10 Sectors Using CE (Source: IASME)

Chart values as shown, in extraction order: 26%, 25%, 23%, 5%, 5%, 5%, 4%, 3%, 2%, 2%

Sectors listed:

Professional, scientific and technical
Information and communication
Other service activities
Financial and insurance
Charity (Registered)
Manufacturing
Administration and support services
Education
Public administration and defence
Human Health and Social Work

CYBER ESSENTIALS STATISTICS

Key Reasons for Automatic Failures (Source: IASME)

Chart values as shown, in extraction order: 31%, 31%, 21%, 17%

Reasons listed:

Security Policy
Current Risk Assessment
Regular Updates to OS
Risk Assessment Approved

CYBER ESSENTIALS STATISTICS

Top Non-Compliances (Source: IASME)

Chart values as shown, in extraction order: 9%, 15%, 7%, 23%, 21%, 13%, 11%

Non-compliances listed:

Malware protection not run daily
Endpoint malware not run daily
Firewall passwords not changed regularly
Admin accounts used day to day
Admin account password not changed regularly
2FA on remote access terminals
Firewall remote access not accredited

COMMON FAILURE POINTS

Top 10 Common Failure Points

Chart values as shown, in extraction order: 6%, 6%, 8%, 8%, 8%, 8%, 11%, 14%, 14%, 17%

Failure points listed:

Updates Regular Applications
Asset Identification
Description of Locations
Device Firewall in Use
Malware Protection on Computers Auto-Update
Malware Protection on Mobile Devices Installed
Firewall Rules by You
Description of Information Systems
Description of Network Boundaries
Office Firewall Password Change

The sales pitch …..
