Our Views:
A selection of issues relevant to Forensic and Cyber Security matters during the last month. This month’s theme is “Cyber Security Awareness”.
Cyber Security Awareness under the NIST Cyber Security Framework
Of the 108 Sub-Categories listed under the NIST Cyber Security Framework, at least five are dedicated to Cyber Security Awareness. These fall under the Function ‘Protect (PR)’, within the Category ‘Awareness and Training (AT)’. By way of definition:
The organisation’s personnel and partners are provided cybersecurity awareness education and are trained to perform their cybersecurity-related duties and responsibilities consistent with related policies, procedures, and agreements.
Specifically, the five sub-categories include:
- PR.AT-1: All users are informed and trained
- PR.AT-2: Privileged users understand their roles and responsibilities
- PR.AT-3: Third-party stakeholders (e.g., suppliers, customers, partners) understand their roles and responsibilities
- PR.AT-4: Senior executives understand their roles and responsibilities
- PR.AT-5: Physical and cybersecurity personnel understand their roles and responsibilities
Using a Simulation to Train on Cyber Incident Response Plans
For the same reason that fire evacuation procedures are tested, your cyber incident response plan should be tested too. All key staff must understand the plan and practice it, often!
A large portion of dealing with a Cyber Incident involves non-technical issues such as legal, communications and regulatory matters. Accordingly, it should be more than just your IT team who are preparing for and taking part in a Cyber Incident Simulation.
The key outcome of a Cyber Incident Simulation, or tabletop exercise as it is often called, is that your organisation will have greater confidence to prepare, respond and recover in a crisis. By conducting a simulation, you will:
- Establish your current state of readiness
- Gain a better understanding of the cyber risks you face
- Practice your decision making in a safe environment
- Identify areas for improvement
Actioning Cyber Security Awareness
We recommend that organisations deliver their cyber security awareness initiatives through training programmes. These can be delivered via numerous forms such as online, gamification, tabletop simulation, or seminars.
You should also set targets for improvement and measure progress over time. The NIST Cyber Security Framework tiers are a good example of this.
For the first of our Cybercrime Q+A sessions, we met with Mindshift, a New Zealand organisation which specialises in Cyber Awareness. Click on the following link to access a video of our conversation.
For readers wishing to receive additional Forensic and Cyber Security information, the Premium Edition of the NZ Incident Response Bulletin is now available to clients who are subscribed to our Incident Response Retainer. The Premium Edition contains recent publications on Threat Alerts, Security Frameworks, Information Security Surveys, Forensic News and Research. Please contact us at support@incidentresponse.co.nz for further information or to request a one-off complimentary copy.
To subscribe or to submit a contribution for an upcoming Bulletin, please either visit https://incidentresponse.co.nz/bulletin or send an email to bulletin@incidentresponse.co.nz with the subject line either “Subscribe”, “Unsubscribe”, or if you think there is something worth reporting, “Contribution”, along with the Webpage or URL in the contents. Access our Privacy Policy.
This Bulletin is prepared for general guidance and does not constitute formal advice. This information should not be relied on without obtaining specific formal advice. We do not make any representation as to the accuracy or completeness of the information contained within this Bulletin. Incident Response Solutions Limited does not accept any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, when relying on the information contained in this Bulletin or for any decision based on it.

