The Comprehensive Approach To Securing Websites
Posted by User, 11-09-2014
[Figure: cycle of cyber security efforts]
1. Security review
The first step in securing websites is to conduct a thorough review to identify security loopholes. This can be done by using security scanning tools or hiring expert security consultants to review the websites. Loopholes identified through this step should be fixed up as soon as possible. Security reviews should be scheduled and carried out at least once every six months.
2. Protect
After the security review, measures should be put in place to protect the website. It is important to have a web application firewall (WAF) in addition to network firewalls. A WAF applies a set of filtering rules to each HTTP conversation, and can detect and block common “Layer 7” web application attacks such as cross-site scripting (XSS) and SQL injection.
3. Detect
No protection is foolproof, especially since cyber threats morph very fast and hacking methods are ever-changing. Therefore, it is important to have a proactive detection mechanism for the unfortunate event that the website is defaced or breached. Sometimes a defacement is first noticed by external parties, such as members of the public or a customer, before the internal team gets wind of it. Such a situation is a major embarrassment and can damage the reputation of the organization. Proactive monitoring allows the organization's security team to act quickly, before external parties discover the breach, and so preserve its reputation. Monitoring and detection can be done manually, by having someone check the web pages on a regular basis. There are also automated tools that scan websites and produce reports as frequently as every few minutes.
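The automated monitoring described above, as an added example that is not the post's own tooling or any vendor product: a baseline fingerprint of the approved page is compared against each fetched snapshot, and "required markers" (an assumed, hypothetical choice of strings the approved page must always contain) separate a legitimate edit from a likely defacement. The HTML pages below are constructed samples, not real sites.

```python
import hashlib
import re

# Constructed sample pages: the approved baseline and later snapshots that a
# monitor might fetch a few minutes apart.
BASELINE_HTML = """<html><head><title>Example Corp</title></head>
<body><h1>Welcome to Example Corp</h1><p>Contact: info@example.com</p>
<footer>Copyright Example Corp</footer></body></html>"""
SNAPSHOT_SAME = BASELINE_HTML.replace("\n", "  \n")                 # whitespace only
SNAPSHOT_EDITED = BASELINE_HTML.replace("info@example.com", "sales@example.com")
SNAPSHOT_DEFACED = """<html><head><title>Owned</title></head>
<body><h1>This site has been taken over</h1></body></html>"""
# Hypothetical choice: strings that must always be present on the approved page.
REQUIRED_MARKERS = ["<title>Example Corp</title>", "Copyright Example Corp"]


def normalize(html: str) -> str:
    """Collapse whitespace so harmless reformatting does not raise alerts."""
    return re.sub(r"\s+", " ", html).strip()


def fingerprint(html: str) -> str:
    """SHA-256 of the normalized page; the baseline value is stored at approval time."""
    return hashlib.sha256(normalize(html).encode("utf-8")).hexdigest()


def check_snapshot(baseline_hash: str, snapshot: str, markers=REQUIRED_MARKERS) -> dict:
    """Classify one fetched snapshot against the approved baseline.

    'unchanged': identical after normalization.
    'changed'  : differs, but every required marker survives (a legitimate edit
                 or a subtle defacement; queue it for human review).
    'defaced'  : differs and required markers are gone (page the on-call team).
    """
    if fingerprint(snapshot) == baseline_hash:
        return {"status": "unchanged", "missing": []}
    body = normalize(snapshot)
    missing = [m for m in markers if m not in body]
    return {"status": "defaced" if missing else "changed", "missing": missing}


def monitor(baseline_html: str, snapshots: list) -> list:
    """Run every snapshot through the check; returns one result per snapshot."""
    base = fingerprint(baseline_html)
    return [check_snapshot(base, s) for s in snapshots]


if __name__ == "__main__":
    for result in monitor(BASELINE_HTML, [SNAPSHOT_SAME, SNAPSHOT_EDITED, SNAPSHOT_DEFACED]):
        print(result)
```

In a real deployment the snapshots come from a scheduled fetch of the live site, and the baseline hash is refreshed only through the change management process described later in the post.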
4. Response and Recovery
Organizations need to work out an incident response and recovery plan before a website defacement or security breach happens. Such “crisis management plans” could include backing up web servers, preparing temporary landing pages, and so on. It is important that the security vulnerabilities are remedied before the website is restored from backup, so as to prevent repeat incidents of the same type of breach. The affected organization can also keep secure temporary landing pages on stand-by. This way, the organization can continue to present a decent corporate website even in the face of attacks, and gain time for back-end incident handling and forensics.
After the “response and recovery” stage, the organization should go back to the first step, the “security review”, so as to plan for and prevent future attacks. Securing websites is therefore done effectively only when it is viewed as a continuous process made up of the ongoing activities described above.
Many organizations tend to have lax security controls for their websites, because several different groups (e.g. the marketing department, managers and administrators, the webmaster, etc.) are able to make changes to the corporate website. It is thus important to get these personnel to work closely with the IT security team under a tight change management process. People, process and technology together provide the strongest defence against attackers.
About The Author
Matthias Chin is the Founder and Director of Banff Cyber Technologies Pte Ltd, based in Singapore. After more than 10 years in the corporate world, Matthias took a step of faith to start his own business. He wanted to build an organization that is fun to work in, develops people and creates solutions that make the world a better place. Overcoming many challenges in the past 2 years, he has led Banff Cyber to create and launch a patent-pending cyber-security product that is widely used by banks, telcos, government agencies and Forbes Global 2000 companies. He aspires for Banff Cyber to grow into a global company that lives out the values of courage, integrity, passion to solve problems, and innovation.
Matthias has a wealth of experience in the networking and cyber security industry, with 15 years of relevant experience. He holds the CCIE (Cisco Certified Internetwork Expert), GCIH (GIAC Certified Incident Handler) and CISSP (Certified Information Systems Security Professional) certifications, and has worked in various networking and security roles at companies such as Pacific Internet and Singapore Computer Systems.
Matthias also has strong business acumen gained from his EMBA (Helsinki School of Economics) and from managing a profit centre during his time at ST Electronics. He also holds a BASc (Hons) in Electrical Engineering from the University of Toronto.
Matthias can be reached online at enquiries@banffcyber.com or sg.linkedin.com/pub/matthiaschin/6/339/13b and at our company website http://www.banffcyber.com/
