With all of
the tech layoffs that have been happening, the disappointing financial news
from Palo Alto, the emergence of AI, etc. Cybersecurity is getting another look
over. While the total number of attacks
have gone down since last year, the total number of extortion attacks have
actually increased, in large part due to Ransomware. More information about this can be seen at
the link below:
https://newsroom.orange.com/cyberextortion/
Also, with
the complexities of the Cyber Threat Landscape changing almost every minute, now
is the time for you, the CISO, to reevaluate your priorities when it comes to
Cybersecurity. So to help you get
started, here is a starting point of what you should consider:
1)
Everybody
is responsible:
Unfortunately
in today’s world, everybody thinks that combatting security breaches is still the
sole responsibility of the IT Security team.
This couldn’t be further from the truth.
Everybody has a role in keeping their place of employment safe!!! This has to be emphasized over
and over again in order for all involved to fully understand this. This even includes external parties, such as
contractors, suppliers, etc. But even
more important, the mindset of the C-Suite has to change as well. Yes, the buck stops with you (as the CISO)
for Cybersecurity, but all responsibility has to be shared with everybody on
this level, going all the way from the CEO to the CFO to the COO, etc. In this regard, Cybersecurity should not be
viewed as just an expense, rather, it must be viewed as an
investment!!! Bring things
down in terms of dollars and cents, and what it will mean if there is any kind
of downtime.
2)
Know
thy data:
Believe
it or not, even to this day, CISOs do not even know where their data sets even
reside at. So, now you must take the time
to get a grasp of this, and know exactly where everything is. If needed, create a separate team to map out
where everything is, even all of the databases.
Keep this document backed up, both as a hard copy and an electronic
copy. Make sure that it is updated at
all times, no matter what. Also, conduct
regular audits of your datasets to make sure that there are no instances of
data exfiltration that could be occurring.
3)
Have
your plans:
When
the COVID-19 pandemic hit, companies were in a huge scramble to figure out how
to deploy their remote workforce. A
large part of this nightmare was due to the fact that none of these entities had
a formal Incident Response (IR) plan in place.
This is a formal document which details as to how you will respond in
the case of a security breach. A future
blog will outline the details of what should be included in this kind of plan. But the bottom line here is that if you don’t
have this in place, create one immediately, and practice it on a regular
basis. Even more importantly,
update it from the lessons learned each time to practice it!!!
4)
Keep
training:
Keep
training your employees in the sheer importance of maintaining strong levels of
Cyber Hygiene. There are different ways
in which to deliver this kind of training, but make sure that it fits the role
of the employees. In other words, don’t
take a one size fits all approach, the training has to be customized, in order for
your employees to truly understand what is at stake. Also, don’t make these just lecture sessions,
make it interactive so that the audience can take away something from it, and apply
what they have learned.
My
Thoughts On This:
It is even
more important now than ever to take Cybersecurity seriously. Just because a security breach has not
happened to you does not mean it will not happen down the road. Spending some time now and some money will pale
in comparison to the exorbitant costs you will face if you do become a victim!!!
No comments:
Post a Comment