Cybersecurity Strategy - Do You Have One Yet?
By Dina Moskowitz, CEO and Founder, SaaSMAX Corp
Cybercrime is becoming an epidemic. In fact, we’ve entered the age when every company, from enterprise down to home-based businesses, must wake up and address its vulnerability to Internet and mobile-based leakages, threats, paralysis, ransomware, malware, and other forms of cybercrime.
IT professionals often find themselves a step behind. By the time they catch up, hackers are already upgrading their tactics. A strong cyber security corporate strategy really needs to incorporate multiple cloud-based software applications to cover cyber attack prevention, detection and correction. Unfortunately, there is no single panacea.
Prevention, detection and correction each require different methodologies, competencies and technologies. To help you understand and build out your cyber security tool chest, here are several important categories that security solution providers and IT executives are incorporating into their cyber security strategies.
Social Engineering refers to an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. Often the easiest way to get a person to break normal security procedures is through email: simply opening the email or an attachment can be enough.
Cyber criminals are building complete profiles of individuals and organizations. They’re aggregating everything from private financial information, to passwords and login credentials, to social media information, to healthcare data and past residence addresses, and they’re selling these profiles online on the black market.
One extra tip here is to make sure that your employees physically cover the video cameras on their tablets and laptops except for when needed.
Data & Leakage Protection means designing a system that detects potential data breach or data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use (endpoint actions), in motion (network traffic), and at rest (data storage).
Authentication is the process in which the user credentials provided are compared to those on file in a database of authorized user information, on a local operating system or within an authentication server. If the credentials match, the login process is completed and the user is granted authorization for access.
Most companies are adopting two-factor authentication or stronger measures to protect their employees, customers and businesses. Authentication options are growing and include everything from IP address and device-based authentication, to devices like external USB sticks and smart card chips, to fingerprints, retina scans, and sensors.
Monitoring & Management typically refers to the process of observing and checking the progress or quality of your data, servers, databases and networks over a period of time; keeping your data under systematic review.
There are software monitoring tools and services that can provide 24/7 vulnerability assessments, penetration testing, and digital forensics to ensure that nothing has been compromised.
Application Security refers to measures taken throughout a software’s code life cycle to prevent security vulnerabilities through flaws in the design, development, deployment, upgrade, or maintenance of the application.
One great recent example of software vulnerabilities is how a Pokemon GO player discovered a huge security risk for Apple users who sign into the app through their Google account, which allows the app access to all Google account services. If Google’s having a hard time keeping up, imagine how compromised and vulnerable other software applications probably are!
Network Security refers to those processes, software and hardware adopted to prevent and monitor unauthorized access, misuse, modification or denial of a computer network and network-accessible resources.
Endpoint Protection is a policy-based approach to network security that requires all endpoint devices, such as smart phones, routers, printers, tablets, and laptops, to comply with specific criteria before they are granted access to network resources.
Hackers and other cyber criminals tend to target endpoints (anything connected to a network) to break in. A great tip for designing your endpoint security is to start by taking inventory of every endpoint associated with your business.
Security Audits & Incident Response
A Security Audit is a manual or systematic, measurable technical assessment of a system or application. An audit is not an event but a process, according to Symantec, and means that organizational security structures should evolve, continually correcting deficiencies in the collection and analysis process.
Incident Response is an organized approach to addressing and managing the aftermath of a security breach or attack, also known as an incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
Cloud & Infrastructure Security is a broad set of policies, technologies and controls deployed to protect data, applications and the associated infrastructure of cloud computing. Effective security here means assessing your cloud services provider for data security and privacy, compliance, availability and scalability, while also determining how portable your data and applications are, so that you can shift if the current provider fails.
The internet of things (IoT) is the network of physical devices, vehicles, buildings and other items. It’s been reported recently by IoT SolutionProvider that more than 80 percent of IoT devices tested raised privacy concerns; 80 percent tested failed to require passwords of sufficient complexity and length; and 70 percent tested did not encrypt communications to the Internet or local network, while 50 percent of their mobile apps had unencrypted communications to the cloud, Internet, or LAN.
Mobile Security & Management is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to, from threats and vulnerabilities associated with wireless computing.
The damage caused by a single mobile device breach can be massive. One health care service provider is expected to pay $650,000 to resolve a case in which 412 nursing residents’ health information was compromised after a phone was stolen.
Be proactive about cyber security in your organization. Develop the right cyber security solution for your organization now so your company is sustainable into the future. It’s not just about a cost analysis comparing prevention and detection to correction; it’s about corporate survival and sustainability, ensuring customer and employee trust, and even maintaining your brand’s identity in the marketplace.