4C Insights

10 recommendations for enhanced information security

2021-04-30

The importance of information security for organisations is growing dramatically due to a number of factors. Internet-connected devices — from infrastructure, to cars and home alarms — are becoming increasingly common. At the same time, we are seeing a major increase in IT-related incidents and antagonistic data security breaches. These breaches are committed by both criminal organisations and state-supported agents, which means society as a whole is affected from a security policy perspective.

4C’s 10 recommendations for enhanced information security should be seen as a first step towards a sustainable, long-term strategy to protect and preserve your most important information assets.

"Given that several private companies are responsible for critically important public services, there is a major need to enhance organisational capability to manage threats and vulnerabilities in the cyber field. 4C assists both the public and private sector in strengthening their cyber resilience, which lies at the heart of our mission to build a safer society.”
Håkan Jidmar, Principal Consultant and IT Security Expert

1. Start from square one

An initial, overarching risk analysis provides valuable information on threats and vulnerabilities.

2. Draw up an information security policy

Describe the path the company management wishes to take and the long-term aim of the organisation’s information security work in an information security policy.

3. Perform a gap analysis

Perform a gap analysis that forms a decision basis to present for the management, in which flaws and proposals for measures are presented.

4. Get management on board

Without the active participation of management and its understanding for information security work, the work will fail.

5. Analyse the greatest information security risks

Undoubtedly the most important and fundamental activity in information security work is the risk analysis.

  • 4C Strategies offers a comprehensive range of cyber security management and IT continuity services, with regular testing and exercises to build, verify and track your readiness capability. We integrate IT risk, disaster recovery and crisis management, to go beyond mere technological solutions towards an organisation-wide culture of cyber resilience.

6. Identify and classify information assets

In conjunction with the risk analysis, all the organisation’s information assets should be classified based on internal and external requirements for confidentiality, accuracy and accessibility.

7. Review crisis and continuity capability

Identify the most critical parts of the organisation’s operations, find the greatest risks and vulnerabilities, develop crisis and continuity plans and start doing exercises and tests.

8. Create long-term change in the organisation

Long-term and lasting change in information security work demands a cultural change that permeates the entire organisation.

9. Start measuring compliance

Define suitable measurement values, preferably with the help of KPIs, which show the organisation’s progress.

10. Start work on a small scale

Information security can be perceived as diffuse and intangible. To avoid this, it is important to start work on a small scale by adjusting the short-term information security goals to the organisation’s capability.

Johan Wurtz
"With NATO SECRET accreditation and over 20 years of supporting military training worldwide, 4C Strategies is built on a foundation of information security, innovation and integrity. Our commitment to information security extends across our company practices, software development, cloud hosting environment, and consulting services for clients working in the most high-risk, mission-critical sectors of our society."
Johan Wurtz, Chief Information Officer

Thank you for downloading!
The resource will be sent to the given email address. You are welcome to contact us with any question you may have.

    To learn more about how 4C Strategies process data, please read our privacy statement.

    I agree to be contacted for the purpose indicated above, and to receive information about 4C Strategies’ products, services and events.

    Download Resources

    News and Insights

    Message sent

    Thank you
    Your message has been received. We will get back to you as soon as possible.

    Thank you!

    You are now registered.

    Download pack

    Photo credits

    License

    Choose size
    • Original image
    • Large image (2900px)
    • Medium image (1920px)
    • Small image (1024px)
    DOWNLOAD

    Get in touch

    Book a demo

      Solution Areas

      Get in touch

        Message sent

        Thank you
        Your message has been received. We will get back to you as soon as possible.

        Message sent

        Thank you
        Your message has been received. We will get back to you as soon as possible.

        Message sent

        Thank you
        Your message has been received. We will get back to you as soon as possible.