Firewall Protection: Usage of firewalls to block unauthorized access and monitor incoming and outgoing network traffic.

Virtual Private Network (VPN): Usage of VPNs to ensure secure communication, particularly for remote access to CSC systems.

Antivirus and Anti-Malware: Deploy up-to-date antivirus and anti-malware software on all devices to detect and mitigate threats.

Timely Updates: Ensure all software, operating systems, and firmware are regularly updated with the latest security patches.

Role-Based Access Control: Restrict access to systems and data based on user roles to minimize the risk of unauthorized access.

Strong Passwords: Enforce strong and unique passwords for all devices and online accounts and using two-factor or Multi Factor authentication (2FA/MFA) for added security.

Multi-Factor Authentication (MFA): Enforce MFA for accessing sensitive systems and data to add an extra layer of security.

Secure Premises: Use physical security controls like locks, access cards, and surveillance cameras to protect the CSC premises.

Device Security: Physically secure digital devices with locks or security cables to prevent theft and unauthorized access.

Data Encryption: Encrypt sensitive data both at rest and in transit to protect it from unauthorized access.

Regular Backups: Perform regular backups of critical data and ensure backups are encrypted and securely stored.

Awareness Programs: Promote awareness of common cyber threats and safe handling of sensitive information.

Phishing Awareness Training: Educate staff on identifying and avoiding phishing/social engineering attacks.

Cyber hygiene practices Training: Provide regular cybersecurity training to staff and users on best practices for secure online behavior.

Periodic Compliance Reviews: Regularly review and update security practices to maintain compliance with evolving regulations.