4. Consider mitigations following cyber security testing (AC 1.4)

What does mitigation mean in a cyber security context? Mitigation refers to the actions taken to reduce or eliminate the risks and vulnerabilities that could lead to cyber attacks. Cyber security testing is an important part of keeping an organisation's systems, networks and data safe. Once all the risks have been identified, they need to be addressed; that is where mitigation comes in.

Catching potential issues

Cyber security is an ever-evolving field, which is why keeping systems up to date is critical. Organisations can prevent a large share of security breaches by applying software patches, using malware protection, enabling two-factor authentication, setting up firewalls, using strong passwords and configuring systems securely.

Controlling user access

Not all users need the same level of privileges, or access to every file and folder. Restricting user permissions greatly reduces the risk of accidental or intentional misuse of sensitive data. Users should only be able to access the files and folders that are absolutely necessary for their work.

Escalating threats quickly

The faster an organisation responds to security threats, the less damage they can cause. A clear escalation process is very helpful here: thanks to it, potential attacks are identified and dealt with before they lead to data breaches or system compromise.

Training staff

All employees need cyber security training; this helps them avoid falling for social engineering attacks and engaging in risky online behaviour. A well-trained workforce reduces human error and helps the organisation comply with security regulations.