Cybersecurity Watchdog
Provides Security Strategy for
Organisations
Earlier this year, Ireland’s National Cyber Security Centre published guidance on cybersecurity for Irish businesses. It’s a valuable addition to the roster of material available to help organisations to develop or refine their security strategy. Let’s take a look at some of the key points from the guide and what they could mean for organisations.
designed to help spread the message widely, the document presents its 12 steps in three formats: as an infographic (see below), on a single page of text, and then as longer descriptions for each step.
This language echoes the Central Bank of Ireland’s 2016 guidance which warned about this risk in similarly stark terms. “Firms should assume that they will be subject to a successful cyber-attack or business interruption”, the bank said.
• Identify key systems and services for your business
Reading through the guide, it’s striking how it starts from the premise that attacks are already going on. As the introduction makes clear:
• Based on that risk analysis, identify the key areas to address such as single points of failure, inter-reliance of systems and interdependency of systems
Preparing for ‘when’, not ‘if’
The NCSC’s high-level document aims to make businesses more resilient to security incidents. That’s an approach we can all get behind. In several blogs from last year, we looked at this very issue through a business
• Engineer ways to mitigate the impact of any potential failure, either through cybercrime or other means.
“Cyberattacks make headlines on a daily basis. It’s no longer a question of if your company will be breached, or
Looking back, it’s interesting how many of the themes overlap with the
Security resilience
FEATURE Cybersecurity
 The report’s non-technical language show that it’s clearly intended for a wide audience. In a move that’s doubtless
even when, it’s likely to have happened already. The real question is whether you will know and are you prepared?”
and risk lens. In one post, Brian Honan suggested a four-step process to improving resilience:
  • Look at the key risks and threats to those services
Council Journal 17