Asking Just 4 Questions Will Stop 90% of Hacks

Think you don’t have to worry about cybersecurity? Think again. “You don’t think you have this problem? You have this problem,” said Jane Holl Lute, CEO of the Center for Internet Security, at an eye-opening panel at Fortune‘s Most Powerful Women Summit in Washington, DC recently. “We’re all on the same Internet, facing the same problems.”

Globally, there were more than 40 million cyber attacks on businesses last year, up nearly 50% from 2013. What’s more, the opportunities for hackers and other bad actors will only grow. Helen Greiner, CEO of drone-maker CyPhy Works, reminded the MPW audience that drone deliveries and driverless cars are on the horizon. “Imagine if they are hacked,” she said.

The possibilities are frightening, but there’s no reason to panic. According to Lute, following the four basic steps of cyber security “hygiene” can head off up to 90% of attacks. All companies and organizations should ask themselves the following questions, she advised:

1. Do we know what is connected to our network? (“The answer is usually no,” said Lute.)
2. Do we know what’s running—or trying to run—on our networks?
3. Do we properly manage the people who have administrative permission to wander around our network? This includes ensuring that employees and administrators are not sharing passwords. (“Would you share you toothbrush?” asked Lute. “Please say, ‘no.'”)
4. Do we have an automatic system that continuously monitors our network?

If the answer to any of the above is a negative, your team should immediately take all required steps to get to “yes.”
Paula Tolliver, corporate VP of Dow Chemical Company DOW 1.29% , agreed that these steps are vitally important and noted that companies sometimes make the mistake of investing significant money in other technologies to help defend against cyber attacks before focusing on good hygiene and understanding their own unique threat landscape. “Get the fundamentals right—then advance your tech,” she said.
Fortune: http://for.tn/1QrMu0C

 

« Attract and Retain Great Cyber Security Talent
Russia - NATO Cyber War Heats Up »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Casaba Security

Casaba Security

Casaba are specialists in software security providing managed Software Development Lifecycle services as well as products for security testing.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

Gulf Computer Services Co (GCSC)

Gulf Computer Services Co (GCSC)

Gulf Computer Services is a major player in the field of networking & Communication solutions for emerging industries such as Internet Services and Information Technology in Saudi Arabia.

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

Archivo

Archivo

Archivo is a value added reseller focused on Disaster Recovery as a Service (DRaaS), backup, hyper-convergence, hybrid storage and Cyber security.

Aries Security

Aries Security

Aries Security provides a premiere cyber training range and skills assessment suite and develops content for all levels of ability.

KDM Analytics

KDM Analytics

KDM Analytics software products automate the NIST risk management framework (RMF) assessment for operational technology (OT) systems.

Robert Walters

Robert Walters

Robert Walters is one of the world's leading global specialist professional recruitment and recruitment process outsourcing consultancies.

Presidio

Presidio

Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

SLVA Cybersecurity

SLVA Cybersecurity

SLVA Cybersecurity excel at delivering security-as-a-service, fit-for-purpose, within the constraints of realistic budgets and business expectations.

InfoSec4TC

InfoSec4TC

InfoSec4tc is an online Information Security Courses, Training, and Consultancy provider.

One82

One82

Serving emerging small and medium-sized businesses in California and neighboring regions for over 20 years, One82 has established itself as the most dependable provider of IT support services.

Cylerian

Cylerian

Cylerian is a Next Generation SaaS Security Platform - One unified cloud platform to achieve your security, compliance, and operational objectives.