4 Principles of Cybersecurity: Govern, protect, detect, and respond

Why is cybersecurity crucial to your business? 

Most of us have dumped our old filing cabinets. It’s much safer to store our sensitive personal information, financial data, and confidential business information online - yes? 

Well, yes. Providing you’re doing everything you can and should to protect it. Data protection’s still a hot topic, and a cybersecurity breach can leave businesses reeling. 

You could be looking down the barrel of hefty legal and financial consequences. And there’s the reputational damage. Social media spreads bad news quicker than anything around, and sometimes, there’s no coming back once you’ve lost the trust of your clients, partners and investors. Here’s a deeper dive into why you need cybersecurity.

Why are smaller businesses more at risk of cybercrime? 

The simple answer? Cybercriminals see you as a softer touch. Because smaller companies’ resources are usually more limited, they often lack the same cybersecurity standards and infrastructure of bigger businesses, making you more vulnerable. Chances are, you’re also likely to be less well-equipped to bounce back from the financial and reputational fallout, or from having to shut up shop while you put things right. 

How can you help your business stay safe – no matter what size you are?   

The four principles of cybersecurity

The four key principles of cybersecurity – govern, protect, detect, and respond – give you what can be grandly called a comprehensive 'threat modelling overview'. But think of it as a handy how-to guide that identifies weak spots, helps you set objectives and come up with counter-measures. So let’s have a look at each. 

Govern is all about creating a compliance framework that sets out how you manage and protect your information and systems. It’s usually a set of policies and procedures that includes:  

• Risk management – identifying and assessing the risks relating to your information, and what steps you’re taking to reduce them. 

• Policy development – how you’ll keep tabs on your cybersecurity and identify ways to improve, so you’re always at the top of your game. 

• Compliance management – making sure your cybersecurity approach doesn’t fall short of the relevant laws, regulations, and industry standards. Remember that regulations can change fast, so check back regularly.

• Incident response – how you’ll react and minimise any damage if you have a breach.

• Training and raising awareness – helping your people understand the risks and highlighting best practice.

• Third-party risk management – an attack on your suppliers can still do you some damage, so understand your supply chain and think about what support you can offer.

Protect covers how to safeguard yourself against malware, viruses, phishing, hacking, and data breaches. Think about:

• Access controls – make sure that only authorised people can access sensitive info.

• Updating software – check regularly for the latest antivirus and anti-malware updates or patches.

• Update your network security – don’t forget your firewalls and data encryption tools. Once in place, they can become part of the furniture, so check they’re still fit for purpose.

• Security awareness training – provide regular online modules, webinars, face-to-face training etc. for all your people. 

Detect looks out for suspicious activity or signs of unauthorised access, these can include: 

• Malware detection and intrusion detection – these systems monitor your network for malware or malicious activity, respectively.  

• Vulnerability management – these tools carry out regular scans or security audits to identify weak spots.

• Security information and event management (SIEM) – these tools collect and check data from across your business, including your apps, devices and servers, in real-time for suspicious or unauthorised activity.

• Threat intelligence – look out for news of emerging cyber threats, so you’re always prepared.

Respond is how you’d deal with a cybersecurity incident – from start to finish – including:  

• Incident response planning – making sure everyone knows their role and responsibilities, how, when and what you’ll communicate, and how people should escalate any concerns.

• Containment – the immediate steps you’d take to contain a cyber breach, such as isolating and removing affected systems.

• Analysis – carrying out a thorough investigation that establishes the cause and extent of the damage.

• Recovery – restoring your systems and data to how they were before.

• Communication – keeping employees, clients and partners informed about the incident and its impact.

• Review – identifying the lessons learned and how to stop it happening again.

As well as these four cybersecurity principles, have a look at our ‘Why you need to take cybersecurity seriously’ for even more insights on how you can protect yourself from cybercrime.