Asking Just 4 Questions Will Stop 90% of Hacks

Uploaded on 2015-10-20 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Think you don’t have to worry about cybersecurity? Think again. “You don’t think you have this problem? You have this problem,” said Jane Holl Lute, CEO of the Center for Internet Security, at an eye-opening panel at Fortune‘s Most Powerful Women Summit in Washington, DC recently. “We’re all on the same Internet, facing the same problems.”

Globally, there were more than 40 million cyber attacks on businesses last year, up nearly 50% from 2013. What’s more, the opportunities for hackers and other bad actors will only grow. Helen Greiner, CEO of drone-maker CyPhy Works, reminded the MPW audience that drone deliveries and driverless cars are on the horizon. “Imagine if they are hacked,” she said.

The possibilities are frightening, but there’s no reason to panic. According to Lute, following the four basic steps of cyber security “hygiene” can head off up to 90% of attacks. All companies and organizations should ask themselves the following questions, she advised:

1. Do we know what is connected to our network? (“The answer is usually no,” said Lute.)
2. Do we know what’s running—or trying to run—on our networks?
3. Do we properly manage the people who have administrative permission to wander around our network? This includes ensuring that employees and administrators are not sharing passwords. (“Would you share you toothbrush?” asked Lute. “Please say, ‘no.'”)
4. Do we have an automatic system that continuously monitors our network?

If the answer to any of the above is a negative, your team should immediately take all required steps to get to “yes.”
Paula Tolliver, corporate VP of Dow Chemical Company DOW 1.29% , agreed that these steps are vitally important and noted that companies sometimes make the mistake of investing significant money in other technologies to help defend against cyber attacks before focusing on good hygiene and understanding their own unique threat landscape. “Get the fundamentals right—then advance your tech,” she said.
Fortune: http://for.tn/1QrMu0C

 

« Attract and Retain Great Cyber Security Talent
Russia - NATO Cyber War Heats Up »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Virtual Security

Virtual Security

Virtual Security provides solutions in the field of managed security services, network security, secure remote work, responsible internet, application security, encryption, BYOD and compliance.

Datiphy

Datiphy

Datiphy's data-centric security platform uses behavioral analytics, and data-centric auditing and protection capabilities to mitigate risk.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

Euro-Recycling

Euro-Recycling

Euro-Recycling is a leading UK provider of Secure On-Site Data Media Destruction Services.

Vanbreda

Vanbreda

Vanbreda Risk & Benefits is the largest independent insurance broker and risk consultant in Belgium and the leading insurance partner in the Benelux.

Soffid

Soffid

Soffid provides full Single-Sign-On experience and full Identity and Access Management features by policy-based centralised orchestration of user identities.

Cyrebro

Cyrebro

CYREBRO is your online cybersecurity central command managed SOC that integrates all your security events with strategic monitoring, proactive threat intelligence, and rapid incident response.

Cyber Security Services

Cyber Security Services

Cyber Security Services is a cyber security consulting firm and security operations center (SOC).

Fortiedge

Fortiedge

Fortiedge is an IT Security solution provider specializing in Cyber Security practices and solutions for our clients.

Intelligent CloudCare

Intelligent CloudCare

Intelligent CloudCare, a division of IPS, is a full IT Services provider serving the needs of SMBs in the metropolitan New York City region.

Dig Security

Dig Security

Dig Security offers the first data detection and response (DDR) solution, providing real-time visibility, control and protection of your data assets across any cloud.

Questex Asia Total Security Conference

Questex Asia Total Security Conference

Questex Asia’s Total Security Conferences is one of the industry’s most prestigious and engaging forums for the region's top information security leaders and business decision-makers.

PowerDMARC

PowerDMARC

PowerDMARC is a domain security and email authentication SaaS platform that helps organizations protect their domain name, brand, and emails against unauthorized use.

itm8

itm8

itm8 is a Nordic digital transformation partner offering a wide range of services in IT operations and Cloud Services, Digital Transformation, Application Services, ERP, and Cyber Security.

Bytium

Bytium

Bytium provides top-tier IT services and solutions designed to empower everyone, from individuals to global corporations. Specializing in cybersecurity and proactive IT management.