U

Find what you are looking for...

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
post
product
Filter by Categories
Blog
Customer Case
Event
Guides
Know-how
Learning Center
News
Solution descriptions
Use Case
Webinar
White paper

Start » Learning Center » Blog » Building cyber resilience

Building cyber resilience

It is no news that having sufficient protection of digital information is becoming increasingly important for all organisations. But there are some things that most can do to strengthen their cyber resilience. ENISA and CERT-EU have listed a number of recommendations that all should follow for better cyber resilience – we have elaborated on two on them that we have useful knowledge of.

How to build your resilience

In a publication by ENISA (The EU Agency for Cybersecurity) and CERT-EU (the CERT of all the EU institutions, bodies and agencies), they have stressed the urgency of following some important points that are needed for strengthening your cyber resilience. But there are a few that can be fulfilled by using sufficient cybersecurity products:

  • Ensure that all software is up to date
  • Employ appropriate network segmentation

These are both vital points in building strong cyber resilience.

 

EU

Ensure that all software is up to date – and securely updated

One of the easiest ways to protect yourself is to update all software, and especially if they are security updates addressing known vulnerabilities. This need is due to the fact that in complex software it is almost impossible to avoid errors and bugs which should be corrected quickly when found to ensure stability and security of the systems. In addition to correcting bugs, the manufacturers behind operating systems, firmware and applications drive a functional growth which means that the systems gradually become obsolete and hard to maintain if they are not updated.

However, it is important to make sure that the updates themselves do not pose a security risk as an update means that information is imported or added to the system, and this can lead to unwanted malware entering the system. The integrity and availability of the systems must be maintained, and many system updates are usually not sufficiently screened or evaluated in the environment in which they are used or in combination with the applications running. To avoid the risks and to maintain the integrity and availability of the systems and at the same time enable secure updates, special solutions are needed.

 

Software

 

One solution is to use a data diode that ensures unidirectional communication. The data diode is connected in a way that secures that information can be imported into the system, but since no traffic can be transferred in the opposite direction, information leakage is hindered.

Another solution to further ensure that the update has not been manipulated, the import of update packages can be conducted using file sanitation consisting of two data diodes and a server for antivirus scanning, such as Advenica’s File Security Screener. The file sanitation conducts an independent control making sure that the update is valid. However, even in this case it is best to let the receiving update server verify the signature and thereby get another control of the accuracy of the update.

Learn more about how to conduct secure updates in our solution description!

Employ appropriate network segmentation

To protect your sensitive systems and information you need to use network segmentation. Network segmentation reduces the risk and limits the damage of a cyberattack. Without it, there is a risk that sensitive information can leak or be manipulated, and that malware and ransomware can spread uncontrollably and quickly. Attackers do not normally take the direct path to the target, such as electricity distribution. Instead, they worm their way in via weak points far out in the architecture, via email or customer service, to reach their goal. State-funded attackers are also equipped with patience, prepared to work long-term doing everything in small steps, and are unfortunately often one step ahead. The harsh reality is that industrial control systems may have been attacked without anyone noticing.

 

Network segmentation

 

Segmenting network environments can be a very complex task including many different competencies and can have a major impact on ongoing operations. The complexity depends on aspects such as how big the environment is, what the current situation looks like, budget, what staff is available and the will of the management.

Here are five steps that you can use as a starting point when you start planning your segmentation project:

  1. Create a zone model
  2. Define what should be segmented
  3. Perform a security analysis of included systems
  4. Arrange the systems according to the zone model
  5. Implement, test and put into operation

 

Learn more about network segmentation in our know-how!

Do you want to know more about how we can help you build your cyber resilience? Read more about how we can protect your digital information!

 

New call-to-action

 

 

Related articles

Why investing in cyber resilience is crucial to our society

Why investing in cyber resilience is crucial to our society

With the digital development and cyberattacks increasing, it becomes more and more important that all of society works with cyber resilience. But what is the difference between cyber resilience and cybersecurity? And what is needed in a cyber resilience strategy? In this blog we give you the answers.

Data diodes – a security solution that is secure for many years

Data diodes – a security solution that is secure for many years

When choosing a security solution, there are many aspects to take into account. An important aspect is the lifetime of the solution you choose, that is, how long the solution will actually be as secure as when you bought it, regardless of what new threats and vulnerabilities that emerge. This is one of the reasons why you should choose data diodes as your security solution!

Why is it important to be able to trust digital information?

Why is it important to be able to trust digital information?

Today, much of the information we handle and take in is digital. But how do we know that we can trust the information we read? It is more important than ever that all organisations take responsibility for protecting their information, ensuring that it is accurate and trustworthy. In this blog post, you can learn why information security is so important and what you can do to protect your digital information!

Data diodes – the simple way to secure your valuable information

Data diodes – the simple way to secure your valuable information

When NIS 2 becomes law and authorities will be able to carry out audits to see if organisations meet the requirements of the legislation, it is important to have good documentation of the technical solutions that safeguard your systems. Does your organisation have such clear documentation? The organisations that use data diodes to protect their sensitive information have a simple solution with a high level of security. This makes it easier to gain confidence in the security of the audited system which facilitates an audit and means, among other things, that you need less documentation. Maybe it is time to switch to data diodes?

Explore more