Client type: Housing
Delivery type: Full delivery of compliance by Cyber Tech
Size of company: 25-50 employees
Threat protection level: Medium
Our client holds a large amount of confidential data relating to the tenants in their properties, including financial and medical care plans for the care and support of those tenants in their properties and managed/assisted living spaces. The board of trustees wanted to ensure that the security posture of the organisation was fully understood, and that a long-term strategic remediation and security improvement plan was developed and delivered within the organisation.
Following initial discussions with the client, it was decided to complete a Security Maturity Assessment (SML), which is based on the United States National Institute of Standards and Technology Cyber Security Framework. This framework includes a more extensive security control set than that of the UK Cyber Essentials Plus and provides a mechanism for scoring the maturity of an organisation's security posture.
Our client initially scored 0.14 out of 5.0 on the NIST Framework, with the UK Cyber Essentials Plus standard being around 1.7 to 1.8 on the NIST scale (typically an organisation in the UK with unmanaged cyber protection would score no higher than around 0.5).
After scoring the organisation, we developed a security improvement plan which would see the client move through Cyber Essentials and Cyber Essentials Plus and, along the way, also implement several of the IASME Framework (Gold) and NIST standards, which would raise their security posture significantly.
Cyber Tech were requested to deliver the security requirements as an end-to-end delivery:
- Policy review and update
- Vulnerability Assessment and Remediation
- Data Asset Inventory and Review and Information Asset Owner identification
- Approved Software list / Machine build specifications
- User Management Processes and changes to implement further security and authorisation
- Administrative access controls and Multi-Factor Authentication
- System Upgrades to ensure life-cycle management and in-life solutions being used
- Application upgrades to ensure that all applications are supported and in life cycle
- Patching both Operating Systems and 3rd Party Applications
- Backup and Disaster Recovery changes / testing
- Firewall changes / Remote Access Control changes
- Cyber Essentials Guided Assessment
- Cyber Essentials Plus Pre-Assessment and checks
- Cyber Essentials Plus Assessment
- Implementation of Web Filtering
- Azure-based Active Directory ensuring unique user authentication at all locations
Following on from the delivery of Cyber Essentials Plus certification, our client wanted to ensure that this standard was maintained, not just on the day of assessment but throughout the year. They also wanted to ensure that they were alerted when anything that may be a security issue happened within their environment, so that actions could be taken and risks mitigated.
Our next stage of Security Improvement therefore delivered:
- Security Operations Centre (SOC) 24/7/365 staffed security monitoring
  - By responding to alerts 24/7/365 and remediating them, the SOC (with the SIEM) reduces the risks to the client and their data by constantly addressing anything that isn’t normal or correct happening within the environment. This includes human intervention and checks, along with escalation to senior management if a risk warrants it.
- Security Incident and Event Management (SIEM) system reporting to the SOC
  - Systems and technology, including artificial intelligence, which are able to understand what is normal on the network and systems and alert when anything isn’t normal, such as a user logging into their webmail in London at the same time as they logged in from China.
- Continual Vulnerability Assessments
  - Implementation of a daily / weekly / monthly assessment solution which is able to advise on any newly found vulnerability on any device connected to any of the client’s networks or systems. Because the solution reports into the SOC, any vulnerabilities can be remediated before they can be exploited by a bad actor.
Following on from our work, the client achieved a 2.2 on the NIST scale and continues to work through a Security Improvement Strategy aiming to raise their level to between a 3 and a 4 over the next 12 months.