Notion Digital Forensics 3Cs for organisational cyber defence

Written By jason west

The Notion Digital Forensics 3C model is a framework for organisational cybersecurity that focuses on three key areas: complexity, compliance, and culture.

Compliance

Organisations must choose a suitable structure for their cybersecurity compliance. Common cybersecurity compliance standards include ISO 27001 and NIST CSF. Smaller organisations may need to adapt and reduce these standards, prioritising the highest-risk elements first.

Complexity

It is crucial to minimize the complexity of an organisation’s systems. This can be achieved by:

  • Retaining only necessary systems

  • Keeping only essential information

  • Implementing a system to retire outdated systems

Reducing complexity makes it easier for IT staff to manage systems and reduces the risk of forgetting to update or properly secure them.

Culture

Instilling a culture of cyber safety within the workplace is essential. This means:

  • Working together to create a culture of data safety

  • Being particularly careful with sensitive third-party data, such as customer lists, financial information, or human resource information

  • Considering the added complexity to IT systems when adding new systems

  • Prioritising the decommissioning of unused systems to protect sensitive data

By focusing on these three areas – complexity, compliance, and culture – organisations can develop a comprehensive approach to cybersecurity that reduces risk and protects sensitive data.

jason west https://notiondigitalforensics.com.au
Previous

Implications of the proposed Cyber Incident Review Board [2024]
Next

3 rules of personal cybersecurity: Advice for our clients (summary)