Evolve Your Cyber Security Capability
Cyber Resilience

Our services are based on specific challenges with respect to cyber security and resilience. We are a dedicated cyber security practice specialising in solving complex cyber security challenges.

1.//

Strategic Advisory

Cyber Cert Labs provides strategic advisory services to support the CISO in developing and executing an effective cyber security strategy. A mature strategy aligns with the organisation's goals and objectives to achieve the right cyber security mindset across the business.

  • 1.1//

    Cyber Security Strategy

    Developing a robust, actionable and business-oriented cyber strategy is the first step in a top-down approach to align cyber security capabilities with clear business objectives and goals. The strategy should assess the current cyber security capabilities, map out a desired future state and highlight the milestones to get there.

    Aligned to the organisation's operational risk appetite, the strategy will provide the context to develop cyber security capabilities in the areas of Identify, Protect, Detect, Respond and Recover.

  • 1.2//

    Cyber Programme and Project Management

    Managing technically complex cyber security programmes requires experienced programme and project managers to manage that complexity from high-level objectives all the way down to daily stand-ups.

    Cyber Cert Labs will work with you to provide cyber programme and project management capabilities to ensure your cyber programmes achieve their stated objectives.

  • 1.3//

    Target Operating Model

    Developing an effective Target Operating Model (TOM) is an important part of building an effective cyber security function. Your TOM should help you evolve and mature your cyber security capabilities, describe how your cyber function works and how your processes and technology integrate.

    An effective TOM also helps to align your team behind your cyber security strategy and to ensure that your team is embedded in the right places within your organisation.

2.//

Cyber Defence

Cyber defence is at the heart of a modern cyber security team, typically operating the protect, detect and respond functions. A modern Security Operations Centre (SoC) operating 24x7x365 and using the latest cyber security capabilities offers the best protection against cyber attacks.

Understanding how to create, maintain and evolve a cyber defence function is a central part of your cyber resilience capability.

  • 2.1//

    Next Gen SOC

    The concept of a Security Operations Centre (SoC) as a central operations hub for responding to cyber threats and incidents has been around for about two decades. SoC functions often operated around a technology stack referred to as a Security Incident and Event Management (SIEM) platform. This platform would ingest telemetry from a wide range of systems that required protection and use regular expression-based rules to identify potential threats and attacks. As the digitisation of enterprises accelerates, with more devices, platforms and data to protect, this approach has become far less effective.

    It is time for many SoCs to evolve towards a next generation operating model, supported by new and emerging cyber security capabilities such as cloud computing, artificial intelligence/machine learning and more advanced network and endpoint protection technologies.

  • 2.2//

    Cyber Threat Intelligence

    Cyber Threat Intelligence (CTI) is an important part of a modern cyber defence capability. It provides both forward-looking information on new and evolving threats and descriptions of the Tactics, Techniques and Procedures (TTPs) for current threats. This information helps defensive teams organise their protect, detect and respond playbooks, and helps offensive teams test these playbooks effectively.

    Also, horizon scanning on the evolving nature of the threat landscape helps to inform cyber security strategies, brief senior decision makers and assist cyber security teams to optimise their effectiveness.

  • 2.3//

    Cloud Security

    Cloud computing technologies continue to expand in terms of the services they offer on demand to enterprises. The scale and breadth of the capabilities of modern public cloud platforms provide a compelling drive for most enterprises to embrace these new technologies and the associated operating models. Alongside public cloud platforms, enterprises are typically creating DevOps teams and capabilities in order to manage their entire cloud environment through code. This has significant benefits for enterprises in terms of agility, speed to market and cost effectiveness.

    As enterprises evolve in this way, it is critical that cyber security teams can pivot to gain the knowledge, capabilities and patterns to adequately secure both the DevOps and operational cloud environments.

3.//

Regulatory Compliance

Regulatory compliance is a key area of any business, especially for cybersecurity. Cybercrime is on an unprecedented rise and the landscape of cybersecurity is ever changing. To keep up with these evolving threats, the EU has proposed several new, landmark pieces of cybersecurity compliance legislation. CRA, DORA, NIS2 and other cyber legislation are ushering in a new and welcome standard for cybersecurity, but implementing these changes can seem daunting. Cyber Cert Labs is here to provide consultancy services to help our clients navigate the new regulations and standards and create a strong, contemporary cybersecurity strategy.

Cyber Cert Labs provides consultancy services to help its clients navigate the new regulations and standards that are the backbone of the EU cyber security strategy.

  • 3.1//

    CRA

    The Cyber Resilience Act (CRA) is first-of-its-kind legislation that will provide a baseline cybersecurity standard for products with digital elements within the European Union. The CRA will address two key issues: products with digital elements manufactured with low levels of cybersecurity, leading to widespread vulnerabilities, and users having insufficient knowledge of product cybersecurity to use products in a secure manner. The CRA is horizontal legislation, which means it will cover a broad range of products across many sectors, including any product with hardware or software components sold in the EU.

    The CRA is an important consideration for many businesses developing new products and ensuring that old products meet the new standards. The CRA is moving very quickly through the EU legislative process and is expected to be finalised by Q2 of 2024. This means now is the time to start thinking about your business’s compliance journey for the CRA.

  • 3.2//

    DORA

    The Digital Operational Resilience Act (DORA) is a new EU-wide legal framework affecting financial entities such as banks, insurance companies and investment firms that will come into force in 2025. The financial sector is now inextricably linked to the cyber world, and with this come new and evolving risks and vulnerabilities. DORA aims to increase cyber resilience in the financial sector by creating detailed criteria that all financial entities must adhere to in specific areas, including ICT risk management, digital operational resilience testing and information sharing.

    The date by which DORA must be adhered to is fast approaching and many financial entities will need to make changes to their current ICT landscape and operations. CCL offers tools, consultancy and expertise to help implement DORA criteria smoothly and effectively.

  • 3.3//

    NIS2

    The Network and Information Security (NIS) Directive was the first EU-wide cybersecurity directive. It helped to increase cybersecurity standards across Member States and, whilst it was successful in some areas, implementation was difficult. NIS2 has been proposed to build on the foundation of NIS. This new directive covers more sectors, introduces stricter supervisory measures and enforcement requirements, and addresses the security of supply chains. This means businesses that came under NIS will need to update their cybersecurity protocols, and businesses in sectors that did not fall under NIS but do under NIS2 will need to ensure they are compliant.

    The date by which NIS2 compliance must be in place has been set: 17th October 2024. This deadline is fast approaching, so it is imperative that businesses begin the compliance process as soon as possible. Cyber Cert Labs is here to help make your transition from NIS to NIS2 as smooth as possible, as well as help businesses from the new sectors ushered in under NIS2 to build a new compliance policy.

Join Our Team

Job Opportunities

Find out about new job opportunities at Cyber Cert Labs. Upload your CV or contact us to find out how you can become part of our journey.

Testimonials //
"I recently completed the CRA assessment, and overall, I found it to be a highly valuable and insightful tool. It significantly broadened my understanding of the CRA requirements and helped me evaluate my product’s readiness in a structured way. The final report offered a clear, high-level overview of what’s needed for CRA compliance and where my product has gaps. As a product owner, I found the report particularly helpful in identifying areas that require attention and in guiding my team toward those challenges. That said, the assessment and report together are extremely helpful. They made the complex topic of CRA more accessible, helped me understand where my product stands, and saved a significant amount of time in the process. I’d definitely recommend it to others preparing for CRA compliance."
Arunas Venclovas
Director of Product Development
"We recently partnered with Cyber Cert Labs for a Cyber Resilience Act (CRA) readiness assessment and we are genuinely impressed with both the service and the resulting report. The assessment process itself was surprisingly simple; the questions were well-structured and the in-tool hints were very helpful, especially with some of the more technical aspects. The readiness report was comprehensive and highly valuable. It accurately highlighted key areas where our organisation needs to focus for CRA compliance, providing clear scores and detailed explanations for each section and subsection. This level of guidance is exactly what we needed to begin actively aligning our operations with the CRA. We highly recommend Cyber Cert Labs for anyone seeking a detailed and practical cybersecurity readiness assessment."
Emer Mugisha
Founder & CEO