November 17, 2022 15:03
Preventing an industrial cyber security incident plays an important role in ensuring the safety of Dutch industry. The information in this library gives you a basis to get started with monitoring in your organization. The information ranges from informative and educational resources, to practical tools and fact sheets that you can apply to your situation.
Typical measures to get this issue right in one's own organization
What situations are we talking about?
A cyber security incident resulting in data theft or prolonged asset downtime with consequent financial and reputational costs due to
- a phishing attack in which the attacker attempts to collect information from a user
- a Ransomeware attack, where malicious software is placed at companies to encrypt data that is only released after payment has been made
- an Advanced Persistent Threat attack, where an unauthorised person gains undetected and prolonged access to a network to steal data
- a DDoS attack, in which botnets try to take down companies' servers and prevent users from accessing them
- a Supply Chain Attack, where malware embeds itself in a software package at a software distribution site to steal or manipulate data
Aspects
- Install updates
- Control who has access to your data and services
- Check which devices and services are accessible from the Internet and protect them
- Apply multi-factor authentication
- Segment networks
- Back up and test your systems regularly
- Ensure that each application and system generates sufficient log information
- Back up and test your systems regularly
- Encrypt storage media with sensitive business information
- Have a recovery plan and practise it regularly
Why?
Questions from the strategic leadership role about risks and control measures that point to answers in the Knowledge base
What and how?
Questions from various tactical or operational leadership roles about risks and control measures that point to answers in the Knowledge base
Staying informed?
"*" indicates required fields