Read time: 3 minutes

Four key components to an effective cyber-security strategy

The potential threat posed by cyber crime is, by now, pretty well understood. What's less well understood is how to put a strategy in place that is robust and flexible enough to cope with a constantly changing threat landscape, and even more critical, will help the company to recover from a cyber attack. In the end, cyber security should be seen as part of the overall strategy to ensure business continuity through resilience.

Jeremy Capell, GM, Advisory Services, ContinuitySA, believes there are four key components to an effective cyber-security strategy: implementation, assessment, monitoring and response. Most companies have long since recognised the need for the first two, and have assigned budget and resources to them. Far fewer even have the second two in their sights.

"Implementation covers the creation of security and governance policies along with technical activities such as the configuration of firewalls and so on," he explains. "Assessment looks at the standards that need to be complied with, such as ISO 27001, and includes technical activities like performing a vulnerability assessment and doing vulnerability testing, usually annually."

"All well and good, but these are essentially activities that take place at a certain point in time. If, for example, a new threat appears just after the annual vulnerability test, then the systems are effectively vulnerable until the next test, "he adds. That's why the third component, monitoring, is so critical. Gathering threat intelligence needs to be continuous. It would include observation of sites on the Dark Web, where hackers boast about their exploits and even post hacked information, checking whether traffic from known bad hosts is directed at your sites and constantly monitoring the threat landscape. It's all about getting an early warning about a new Microsoft-targeting virus when it first appears, not once it has hit your system!

The final component is response in the event of a breach. A suitable technical response is one requirement, but plans for an appropriate business response are also necessary. This would include crisis communications plans and protocols, and how to deal with breaches that affect regulatory or other compliance. How you respond to a cyber-security incident will greatly influence its long-term impact on the business.

Part of the response phase could include help and input from your insurance company. Specialist cyber insurance is necessary, but most insurers offer various forms of help aimed at getting you operational again, in order to minimise claims.

"A related consideration is that, in my experience, companies have pockets of excellence. They might do some of the various elements well, but it's extremely rare they can do everything. In order to create the holistic approach I have so briefly sketched here, the help of an independent, specialist consultancy makes good sense," Capell concludes.



ContinuitySA is Africa's leading provider of business continuity management and related services. The company boasts some of the continent's most highly skilled and qualified business continuity and disaster management experts who help companies, organisations and government departments of all sizes prepare for and deal with all eventualities. These include potential threats, events, incidences and unforeseen or sudden disruptions due to human error or natural events.

ContinuitySA also provides a variety of hosting solutions, ranging from co-located to fully managed virtualised environments, with their primary focus being to ensure its clients are able to address the resilience and recoverability of their IT services. These hosting services are complemented by managed backup and recovery services, virtual server replication and high availability solutions to satisfy any level of continuity requirement.

ContinuitySA operates the largest recovery facilities in southern Africa. It has a number of recovery centres in southern Africa with over 20 000 square metres of recovery facilities in Midrand, Gauteng. Smaller sites have been located in Cape Town, Gaborone, Botswana and Mozambique, and a joint venture has been established in Mauritius.

ContinuitySA. Our business is keeping you in business. Additional information about ContinuitySA can be found at