Asking Just 4 Questions Will Stop 90% of Hacks

Think you don’t have to worry about cybersecurity? Think again. “You don’t think you have this problem? You have this problem,” said Jane Holl Lute, CEO of the Center for Internet Security, at an eye-opening panel at Fortune’s Most Powerful Women Summit in Washington, DC recently. “We’re all on the same Internet, facing the same problems.”

Globally, there were more than 40 million cyber attacks on businesses last year, up nearly 50% from 2013. What’s more, the opportunities for hackers and other bad actors will only grow. Helen Greiner, CEO of drone-maker CyPhy Works, reminded the MPW audience that drone deliveries and driverless cars are on the horizon. “Imagine if they are hacked,” she said.

The possibilities are frightening, but there’s no reason to panic. According to Lute, following the four basic steps of cyber security “hygiene” can head off up to 90% of attacks. All companies and organizations should ask themselves the following questions, she advised:

1. Do we know what is connected to our network? (“The answer is usually no,” said Lute.)
2. Do we know what’s running—or trying to run—on our networks?
3. Do we properly manage the people who have administrative permission to wander around our network? This includes ensuring that employees and administrators are not sharing passwords. (“Would you share your toothbrush?” asked Lute. “Please say, ‘no.’”)
4. Do we have an automatic system that continuously monitors our network?

If the answer to any of the above is no, your team should immediately take all required steps to get to “yes.”

Paula Tolliver, corporate VP of Dow Chemical Company, agreed that these steps are vitally important and noted that companies sometimes make the mistake of investing significant money in other technologies to help defend against cyber attacks before focusing on good hygiene and understanding their own unique threat landscape. “Get the fundamentals right—then advance your tech,” she said.

Fortune: http://for.tn/1QrMu0C

 
