Software solutions are the simplest way for organisations to address many of their cyber security threats. All you need to do is pick out and purchase the right tools and away you go.
Unlike the other aspects of the cyber security triad – processes and people – there’s often no need to carefully curate solutions that work for your organisation. Instead, technological solutions can be bought off the shelf to solve universal issues.
But unfortunately, there aren’t software packages to address every cyber security issue you face. So when should you be relying on technology, and when should you look elsewhere?
Cyber security software that every organisation should have
Antivirus and anti-malware
If your organisation uses the Internet for any part of its business, you will be targeted with viruses and malware.
From worms and adware to keyloggers and ransomware, there are countless malicious programs that cyber criminals can use to infect your organisation. The only way to consistently detect them is with antivirus and anti-malware technology.
These are some of the most common cyber security tools on the market, so you shouldn’t have any problem finding a suitable package. The likes of Norton, Bitdefender and Kaspersky all offer quality services, differentiating themselves through additional features.
Bitdefender, for example, stands out for its ability to detect ransomware, whereas F-Secure is one of the few services that can be used on Apple devices.
Finding the right antivirus and anti-malware tool for you is simply a case of researching what’s on the market and weighing up the pros and cons.
Data protection guidance
If you’re subject to the GDPR (General Data Protection Regulation), you will know how complicated it can be to process sensitive information securely.
The Regulation contains a litany of requirements, from the need to review the personal data you collect to the adoption of technical and organisational measures to secure it.
It can be tough to keep track of these requirements, and tougher still to implement the necessary practices.
DPIAs (data protection impact assessments), for example, can be particularly difficult to navigate if you don’t already have an extensive understanding of best practices.
That’s why organisations are increasingly relying on software packages to help manage these requirements. For instance, IT Governance’s CyberComply package contains a complete set of software solutions to help organisations oversee their compliance practices.
The package is designed by experts, who understand the challenges organisations will run into with the GDPR and have created solutions to simplify the process.
Firewalls are virtual shields that block external networks from getting into your IT systems. They are often paired with antivirus software, as both are designed to look for malicious activity on your network.
But whereas antivirus programs look at what’s already on your systems, firewalls detect signs of breaches in progress.
There are plenty of free firewall solutions, including one built into Windows 10 that, when combined with antivirus software, delivers “pretty good results”.
Of course, many organisations will want something better than ‘pretty good’, which is why there are paid services that offer more resilient protection.
Paid–for services generally also offer advanced options that can be used across your network – which is ideal for configuring the settings for everyone’s office computers.
Your cyber security personnel must be able to keep an eye on what’s happening on the organisation’s network, whether that’s attempts to access privileged information, login attempts from unusual activity or users visiting untrustworthy websites.
Tracking this information ensures that you’re aware of suspicious actions in close to real-time, helping you identify breaches promptly.
Equally importantly, it helps you spot vulnerabilities and prevent incidents from occurring. For example, say your monitoring tool picked up on a handful of login attempts to an employee’s account from the other side of the world.
This is sign that their account is compromised. You don’t need to know how or why at this stage; you can instead lock their account, safeguarding it from unauthorised access.
Once this is done, you can investigate and resolve the issue.
As with the other types of software we’ve listed, there are plenty of products on the market and that offer slightly different services.
Some of the extra features you’re likely to come across are automatic detection tools, real-time alerts, tailored reports and customisable access controls.
Software is only part of the solution
As helpful as software is, it’s important to remember that it can’t solve all of your information security issues by itself – not least because you need employees who know how to use the tools and interpret their results.
Likewise, technological solutions should be complemented with security policies and staff training to prevent risks and ease the burden on your software tools.
After all, many data breaches are caused by employee error, which can’t always be prevented with tools that detect threats or automatically block actions.
With this in mind, you can see that your biggest question when addressing cyber security software isn’t necessarily which technology you should use but when technology should be used.
The examples we list in this blog will be relevant to almost every organisation, because they address universal issues. But what about the likes of encryption programs? Should you be using those?
This is where risk assessments are helpful; it’s the process in which you identify and evaluate security risks to find appropriate solutions.
Depending on your setup, some risks should be treated with software or process/people solutions (or a combination of them), whereas others can be managed differently, like transferring the risk to a third party or changing the way you operate to terminate the risk.
You can get help conducting risk assessments by using vsRisk Cloud.
This online tool is aligned with ISO 27001, the international standard for information security, ensuring that you get repeatable, consistent risk assessments year after year.
Its integrated risk, vulnerability and threat database helps you identify every potential way that a breach can occur and the best way of managing them.
A version of this blog was originally published on 21 November 2019.