Proactivity Is Key To Effective Cybersecurity

All organisations should assume they will experience some sort of cyber security incident sooner or later, probably sooner, says Nadia Veeran-Patel, Manager: Cyber Resilience at ContinuitySA, a leader in South African IT security.
 
“Plan for the worst and, most important of all, know what to do when an incident occurs. Understanding that a successful attack will be launched is the basis of a proactive approach to information security and risk management,” she advises.
The statistics say it all. The SiteLock 2019 Website Security Report indicates that, while hacks have become harder to detect, the number increased by 59% in 2018. 
 
The Report makes it clear that small businesses are as much targets as larger corporates, virtually all businesses have Web sites nowadays, and 17.6 million Web sites have malware at any given time.
 
The numbers of people affected by site hacks are mind-boggling: just one example is that 147.9 million consumers were affected by the Equifax breach in 2017. Seventy percent of organisations say they believe their security risk increased significantly in 2017. However, says Veeran-Patel, it’s critical to look at cyber security holistically. “After all, while plenty of attacks do indeed arrive via the Internet, they can also show up at the front desk with a USB drive, or peer over your shoulder in a busy coffee shop,” she notes.
 
“Organisations need to conduct a proper risk assessment and then develop a roadmap matched to their cyber security strategy; you need to know where you are going and how to get there. It’s also important to get guidance on the tools necessary to address any gaps and minimise the risks identified.”
 
Once an attack has happened, it’s important to take the time to evaluate the short, medium and long-term impacts. These will vary, but one basic business resilience measure that will reduce the impact of threats is reliable, consistent and easily accessible backups. 
 
In summary, Veeran-Patel says the following best practices should be followed:
 
• Plan for the worst and ensure you identify your risks and mitigation strategies upfront.
• Make sure you have a reliable backup process in place, with a clear understanding of what your information assets are, how often they should be backed up and how quickly each one needs to be recovered. These decisions need to be made by the business in conjunction with the IT department, never just the latter.
• Identify owners of information assets across the business and ensure they are part of the risk management process.
 
One final point is that cyber security is ultimately a function of corporate culture. Everybody in the organisation needs to understand the risks and the role they can play in making the organisation secure. 
 
ITWeb:              Image: US Homeland Security
 