7 tips for better IT security


May 17, 2021

Every other year, the Dark Figure Survey is published on behalf of the Business Security Council (NSR). These are the seven security recommendations you should address starting today. 


1. Protect email and browser

Several preventive technical measures protect the transport of emails between servers. They reduce the risk of breaches of confidentiality and integrity, and of emails with a false sender address. These measures are described under principle 2.8 "Protect Email and Browser".


2. Use malware scanning on emails and attachments

Use automated tools to analyze incoming messages, message attachments, and clickable links in these to uncover malware and other threats. This is described in measure 3.1.3 under principle 3.1 "Detect and remove known vulnerabilities and threats".


3. Mark unsafe/suspicious messages

It helps users when messages are clearly marked if they were not secured during transport between servers as described in point 1 of this list, or if they were identified as suspicious by the measure described in point 2 of this list.
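One way a mail gateway could apply this marking, as an added example that is not from the survey or from NSM's principles. It assumes the transport protection in point 1 is SPF, DKIM, DMARC and TLS, with results recorded in `Authentication-Results` (RFC 8601) and `Received` headers; the gateway name `mx.example.net` and the `X-Scan-Verdict` header are hypothetical.

```python
import re
from email import message_from_string

# Assumptions: the receiving gateway is called mx.example.net, and the malware
# scanner writes a hypothetical X-Scan-Verdict header. Neither is from the page.
TRUSTED_AUTHSERV = "mx.example.net"
SCANNER_HEADER = "X-Scan-Verdict"
TLS_HOP = re.compile(r"\bwith\s+\w*SMTPSA?\b", re.I)  # ESMTPS/ESMTPSA (RFC 3848)

def findings(msg):
    """Return the reasons this message should be marked for the user."""
    reasons, auth = [], {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        # Only trust results stamped by our own gateway; a sender can forge others.
        if authserv.strip().lower() == TRUSTED_AUTHSERV:
            for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I):
                auth[method.lower()] = result.lower()
    for method in ("spf", "dkim", "dmarc"):
        if auth.get(method) != "pass":
            reasons.append(f"{method}={auth.get(method, 'missing')}")
    # The topmost Received header is the hop our own gateway recorded.
    hops = msg.get_all("Received", [])
    if not hops or not TLS_HOP.search(hops[0]):
        reasons.append("no-tls")
    if msg.get(SCANNER_HEADER, "").strip().lower() == "suspicious":
        reasons.append("scanner")
    return reasons

def mark(raw):
    """Prefix the subject so the warning is visible in any mail client."""
    msg = message_from_string(raw)
    reasons = findings(msg)
    if reasons:
        tag = "[SUSPICIOUS]" if "scanner" in reasons else "[UNVERIFIED]"
        subject = msg.get("Subject", "")
        del msg["Subject"]
        msg["Subject"] = f"{tag} {subject}".strip()
    return msg

# Constructed sample messages (not real traffic).
GOOD = ("Authentication-Results: mx.example.net; spf=pass; dkim=pass; dmarc=pass\n"
        "Received: from out.example.org by mx.example.net with ESMTPS id 1\n"
        "Subject: Invoice\n\nHello\n")
SPOOFED = ("Authentication-Results: mail.sender.example; spf=pass; dkim=pass; dmarc=pass\n"
           "Received: from unknown by mx.example.net with ESMTP id 2\n"
           "Subject: Invoice\n\nHello\n")
```

The gateway should also strip any inbound `Authentication-Results` or scanner header that claims its own name before adding its results, otherwise a sender could supply a passing verdict.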


4. Authentication of users

An attacker can also gain access to the email system by exploiting a user's access and then sending messages with malware as that internal user. In this way, the attacker can bypass some of the preventive security measures mentioned earlier in this list. NSM's principle 2.6 "Have control over identities and accesses" describes relevant measures.


5. Provide users with training and better risk understanding

Although several layers of preventive technical security measures have been established, there is a risk that messages with malware or manipulation attacks end up in the user's inbox. Social manipulation works. Therefore, it is important that users have received training and have a security understanding that reduces the risk of being deceived.


6. Detect security breaches

For the attacker, it is just a matter of time. No matter how many layers of preventive security measures have been established, security incidents can affect all organizations. It is therefore essential to have established good and effective consequence-reducing measures. Rapid detection of security breaches is the best starting point for reducing the consequences of a security breach. Principles 3.2 "Establish security monitoring" and 3.3 "Analyze data from security monitoring" describe relevant measures that can be established to detect security breaches. Contact us if you want to know how we can help you set up good security solutions. 


7. Manage incidents and restore normal operational situations

The last point in the review of scenarios is the handling of the unwanted incident. Preparing for possible incidents allows them to be handled effectively. NSM's principles in category 4 "Manage and Restore" focus on handling unwanted incidents, minimizing damage, eliminating the cause of the incident, and restoring the integrity of networks and ICT systems.

 

Source: The Dark Figure Survey 2020

The Dark Figure Survey maps the IT conditions in private and public enterprises. The survey is unique in Norway and is an important contribution to mapping the extent of cybercrime and IT security incidents, as well as awareness about information security and the implementation of security measures in Norwegian businesses. The Dark Figure Survey is launched for the 12th time at the Security Conference 2020.
