May 17, 2021

7 tips for better IT security

Every other year, the Dark Figure Survey is published on behalf of the Business Security Council (NSR). These are the seven security tips you should address today.


1. Protect email and browser

Several preventive technical measures protect email in transit between servers, reducing the risk of breaches of confidentiality and integrity and of emails with false sender addresses. These measures are described under basic principle 2.8 "Protect email and browser".


2. Use malware scanning on emails and attachments

Use automated tools to analyze incoming messages, message attachments, and clickable links in order to detect malware and other threats. This is described in measure 3.1.3 under basic principle 3.1 "Detect and remove known vulnerabilities and threats".


3. Mark suspicious messages

It helps users when messages are clearly marked if they were not secured in transit between servers, as described in point 1 of this list, or if they were identified as suspicious by the measure described in point 2 of this list.
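One way to implement the marking in point 3, added here as an example and not taken from NSR or NSM material. It assumes the receiving server records TLS use in its Received header (the RFC 3848 `ESMTPS` keyword), writes a DMARC result to Authentication-Results as the sender-address check, and that the scanner from point 2 sets a hypothetical `X-Scan-Verdict` header; `mail.corp.example` and both sample messages are constructed.

```python
import re
from email import message_from_string, policy

# Constructed samples, not real traffic. X-Scan-Verdict is a hypothetical
# header assumed to be set by the scanner from point 2.
SAMPLE_OK = """\
Received: from mx.partner.example by mail.corp.example with ESMTPS id 1; Mon, 17 May 2021 09:00:00 +0200
Authentication-Results: mail.corp.example; dmarc=pass header.from=partner.example
X-Scan-Verdict: clean
From: alice@partner.example
Subject: Invoice for April

See attachment.
"""
SAMPLE_BAD = """\
Received: from unknown.example by mail.corp.example with ESMTP id 2; Mon, 17 May 2021 09:05:00 +0200
Authentication-Results: mail.corp.example; dmarc=fail header.from=corp.example
X-Scan-Verdict: suspicious
From: it-support@corp.example
Subject: Urgent: update your password

Click here.
"""
TLS_HOP = re.compile(r"\bwith\s+(ESMTPS|ESMTPSA|UTF8SMTPS|UTF8SMTPSA)\b", re.I)

def warnings_for(msg, authserv="mail.corp.example"):
    reasons = []
    received = msg.get_all("Received", [])
    # The topmost Received header is the one our own server added.
    if not received or not TLS_HOP.search(str(received[0])):
        reasons.append("UNENCRYPTED")
    # Trust only results stamped by our own server; a sender can forge the rest.
    auth = [str(h) for h in msg.get_all("Authentication-Results", [])
            if str(h).strip().lower().startswith(authserv)]
    if not any(re.search(r"\bdmarc=pass\b", h, re.I) for h in auth):
        reasons.append("UNVERIFIED SENDER")
    # Fail closed: a missing verdict is treated like a bad one.
    if str(msg.get("X-Scan-Verdict", "")).strip().lower() != "clean":
        reasons.append("SUSPICIOUS")
    return reasons

def mark(raw):
    msg = message_from_string(raw, policy=policy.default)
    reasons = warnings_for(msg)
    if reasons:
        subject = msg.get("Subject", "")
        del msg["Subject"]
        msg["Subject"] = "[" + ", ".join(reasons) + "] " + subject
    return msg, reasons
```

The gateway must strip any inbound `X-Scan-Verdict` header before the scanner writes its own, otherwise a sender could supply a forged "clean" verdict.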

Read about the best security advice from senior advisor at the Business Security Council, Arne Røed-Simonsen. 


4. User authentication

A threat actor can also gain access to the email system by exploiting a user's access and sending messages with malware as that internal user. In this way, the threat actor can bypass some of the preventive security measures mentioned in this list. NSM's basic principle 2.6 "Have control of identities and access" describes relevant measures.


5. Provide users with training and better risk understanding

Even though several layers of preventive technical security measures have been established, there is a risk that messages with malware or social engineering attempts end up in the user's inbox. Social engineering works. Therefore, it is important that users have received training and have a security understanding that reduces the risk of being deceived.


6. Detect security breaches

For the threat actor, it is only a matter of time. Regardless of how many layers of preventive security measures are established, security incidents can affect all businesses. Therefore, it is essential to have established good and effective consequence-reducing measures. Rapid detection of security breaches is the best starting point for reducing the consequences of a security breach. Basic principles 3.2 "Establish security monitoring" and 3.3 "Analyze data from security monitoring" describe relevant measures that can be established to detect security breaches. Contact us if you want to know how we can help you set up good security solutions. 


7. Manage incidents and restore normal operating conditions

The last point in the review of scenarios is the handling of the unwanted incident. This provides an opportunity to prepare for possible incidents, so that this type of incident can be handled effectively. NSM's principles in category 4 "Handle and restore" cover handling unwanted incidents, minimizing damage, removing the cause of the incident, and restoring the integrity of networks and ICT systems.

 

Source: The Dark Figure Survey 2020

The Dark Figure Survey maps the state of IT in private and public businesses. The survey is unique in Norway and is an important contribution to mapping the extent of computer crime and IT security incidents, as well as awareness of information security and the use of security measures in Norwegian businesses. The Dark Figure Survey is being launched for the 12th time at the Security Conference 2020.

This page is translated using AI
