Asking Just 4 Questions Will Stop 90% of Hacks

Uploaded on 2015-10-20 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Think you don’t have to worry about cybersecurity? Think again. “You don’t think you have this problem? You have this problem,” said Jane Holl Lute, CEO of the Center for Internet Security, at an eye-opening panel at Fortune‘s Most Powerful Women Summit in Washington, DC recently. “We’re all on the same Internet, facing the same problems.”

Globally, there were more than 40 million cyber attacks on businesses last year, up nearly 50% from 2013. What’s more, the opportunities for hackers and other bad actors will only grow. Helen Greiner, CEO of drone-maker CyPhy Works, reminded the MPW audience that drone deliveries and driverless cars are on the horizon. “Imagine if they are hacked,” she said.

The possibilities are frightening, but there’s no reason to panic. According to Lute, following the four basic steps of cyber security “hygiene” can head off up to 90% of attacks. All companies and organizations should ask themselves the following questions, she advised:

1. Do we know what is connected to our network? (“The answer is usually no,” said Lute.)
2. Do we know what’s running—or trying to run—on our networks?
3. Do we properly manage the people who have administrative permission to wander around our network? This includes ensuring that employees and administrators are not sharing passwords. (“Would you share you toothbrush?” asked Lute. “Please say, ‘no.'”)
4. Do we have an automatic system that continuously monitors our network?

If the answer to any of the above is a negative, your team should immediately take all required steps to get to “yes.”
Paula Tolliver, corporate VP of Dow Chemical Company DOW 1.29% , agreed that these steps are vitally important and noted that companies sometimes make the mistake of investing significant money in other technologies to help defend against cyber attacks before focusing on good hygiene and understanding their own unique threat landscape. “Get the fundamentals right—then advance your tech,” she said.
Fortune: http://for.tn/1QrMu0C

 

« Attract and Retain Great Cyber Security Talent
Russia - NATO Cyber War Heats Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

General Dynamics Information Technology (GDIT)

General Dynamics Information Technology (GDIT)

General Dynamics IT delivers cyber security services to defend critical information and infrastructure.

Australian Cyber Security Centre (ACSC)

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.

CERT-PY

CERT-PY

CERT-PY is the national Computer Emergency Response Team for Paraguay.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Array Networks

Array Networks

Array Networks, the network functions platform company, develops purpose-built systems for hosting virtual networking and security functions with guaranteed performance.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

Fair Isaac Corporation (FICO)

Fair Isaac Corporation (FICO)

FICO provides analytics software and tools used across multiple industries to manage risk, fight fraud, optimize operations and meet strict government regulations.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

Swascan

Swascan

Swascan is the first all-in-one, GDPR Compliant, Cloud Security Suite Platform. GDPR Assessment, Web Application Scan, Network Scan, Code Review.

Czech Accreditation Institute

Czech Accreditation Institute

Czech Accreditation Institute is the national accreditation body for the Czech Republic. The directory of members provides details of organisations offering certification services for ISO 27001.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

Phriendly Phishing

Phriendly Phishing

Phriendly Phishing offers phishing awareness training programs designed to ward off potential security threats and minimise the impact of cyber attacks.

NVISO Security

NVISO Security

NVISO is a pure-play cyber security consulting firm, focused mainly on the Financial Sector, the Technology Sector, and Government & Critical Infrastructure.