Protect

Once you have identified your assets and performed risk analysis, you can start to protect these assets from cybersecurity risks. 

On this page you will learn what is being expected  from the NIS2 law and what kind of solutions Kappa Data can offer you. 

Ask for a meeting
Protect Core function of the Cyberfundamentals Framework
Source : Cyberfundamentals Frameswork CCB Belgium

Protect definition from Cyberfundamentals Framework

Guidelines and Obiligations from CCB Belgium

In the Cyberfudamentals framework of CCB Belgium a list of measures are described where you can find the headlines below : 

  • Identities and credentials are issued, managed, verified, revoked and audited for authorized devices
  • Physical access to assets is managed and protected
  • Access permissions and authorizations are managed, incorporating, the principles of least privilege and separation of duties
  • Network integrity (network segregation, network segmentation..) is protected
  • Identities are proofed and bound to credentials and asserted in interactions
  • All users are informed and trained
  • Privileged users understand their roles and responsibilities
  • Third-party stakeholders (like suppliers, customers, partners) understand their roles and responsibilities. 
  • Senior Executives understand their roles and responsibilities
  • Physical security and cybersecurity personnel understand their roles and responsibilities
  • Data-at rest is protected
  • Data-in transit is protected
  • Assets are formally managed throughout removal, transfers and disposition
  • Adequate capacity to ensure availability is maintained
  • Protection against data leaks are implemented
  • Integrity checking mechanisms are used to verify software, firmware and information integrity
  • The development and testing environment(s) are separate from the production environment
  • Integrity checking mechanisms are used to verify hardware integrity
  • A baseline configuration of information technology/industrial control systems is created and maintained incorporating security policies
  • A System Development Life Cycle to manage systems is implemented
  • Configuration change control processes are in place
  • Backups of information are conducted, maintained and tested
  • Policy and regulations regarding the physical operating environment for organizational assets are met. 
  • Data is destroyed according to policy
  • Protection processes are improved
  • Effectiveness of protection technologies is shared
  • Response plan (incident response and business continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed. 
  • Cybersecurity is included in human resources practices (deprovisioning, personnel screening…)
  • A vulnerability management plan is developed and implemented.
  • Maintenance and repair of organizational assets are performed and logged, with approved and controlled tools.
  •  Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.
  • Audit/log records are determined, documented, implemented, and reviewed in accordance with policy.
  • Removable media is protected, and its use restricted according to policy.
  • The principle of least functionality is incorporated by configuring systems to provide only essential capabilities.
  • Communications and control networks are protected.

 

Protection of your Assets

Once you know which assets are defined, you can in building your cybersecurity procedures and plan. As you can see in the guidelines and regulations within the Cyberfundamentals framework of CCB Belgium, a lot requirements are written for protecting your assets.

Next to identifaction of your assets, you can start to fill in many protection requirement by different type of solutions that cover these requirements. As you can see in the requirements above cybersecurity solutions as Identity Management, Vulnerability Management, Network Access Control, Backups, Data Protection, Privileged User Management, User awareness and more are required.

Kappa Data has different solutions to offer that fills in several parts within this identenfication and risk analysis process.

Let’s look at the different solutions :

Protection assets in many ways

In alignment with the Identify Core function of the NIS2 directives in Belgium, the organization needs to be committed to a comprehensive approach to Protection of all assets. This strategy ensures that all IT, IoT, and OT devices within your network are secured  and managed effectively.

To achieve this, Kappa Data is leveraging several advanced solutions:

1. Data Protection of sensitive data on Onedrive and SharePoint:

Discover how Barracuda Data Inspector can automatically scan and remediate sensitive information and malicious files in your Microsoft OneDrive for Business and SharePoint.

2. Network Access Control (NAC) by Extreme: 

The NAC solution from Extreme Networks is essential for determining and controlling who can access various segments of our network. This solution enforces security policies, ensuring that only authorized users and devices can connect to your network resources. By doing so, it significantly reduces the risk of unauthorized access and potential security breaches.

3. Data Protection:

Kappa Data offers solutions for your data-at rest like backup systems, but as well to encrypt your devices so hackers can no longer access your data. 

4. Email Protection

Email protection has become an essential part within your cybersecurity policy. Phishing and account takeover have become the fast growing email security threats. Discover here Kappa Data’s email protection solutions.

5. Encyption

Data in-rest or in transition can be encrypted via certificates or devices that are completed encrypted via several solutions.

6. Endpoint Protection

Within Endpoint Protection, Kappa Data can offer you the solutions of Sophos. Intercept X endpoint protection is being offered in different variations as explained on this page.

7. Firewall solutions

We need a firewall for security and logically it is required by NIS2. You can also consider cloud hosted firewalls if most of your applications are cloud hosted or distributed. Check every vendor on this page to learn more about them.

8. Mobile Protection

Within the guidelines you will find as well Mobile security as an requirement. Discover on this page what Kappa Data can offer for Mobile Security

9. Passwordless Access 

Click on the titles to have more information on each solution.

Protect Core function of the Cyberfundamentals Framework