Asking Just 4 Questions Will Stop 90% of Hacks

Uploaded on 2015-10-20 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Think you don’t have to worry about cybersecurity? Think again. “You don’t think you have this problem? You have this problem,” said Jane Holl Lute, CEO of the Center for Internet Security, at an eye-opening panel at Fortune‘s Most Powerful Women Summit in Washington, DC recently. “We’re all on the same Internet, facing the same problems.”

Globally, there were more than 40 million cyber attacks on businesses last year, up nearly 50% from 2013. What’s more, the opportunities for hackers and other bad actors will only grow. Helen Greiner, CEO of drone-maker CyPhy Works, reminded the MPW audience that drone deliveries and driverless cars are on the horizon. “Imagine if they are hacked,” she said.

The possibilities are frightening, but there’s no reason to panic. According to Lute, following the four basic steps of cyber security “hygiene” can head off up to 90% of attacks. All companies and organizations should ask themselves the following questions, she advised:

1. Do we know what is connected to our network? (“The answer is usually no,” said Lute.)
2. Do we know what’s running—or trying to run—on our networks?
3. Do we properly manage the people who have administrative permission to wander around our network? This includes ensuring that employees and administrators are not sharing passwords. (“Would you share you toothbrush?” asked Lute. “Please say, ‘no.'”)
4. Do we have an automatic system that continuously monitors our network?

If the answer to any of the above is a negative, your team should immediately take all required steps to get to “yes.”
Paula Tolliver, corporate VP of Dow Chemical Company DOW 1.29% , agreed that these steps are vitally important and noted that companies sometimes make the mistake of investing significant money in other technologies to help defend against cyber attacks before focusing on good hygiene and understanding their own unique threat landscape. “Get the fundamentals right—then advance your tech,” she said.
Fortune: http://for.tn/1QrMu0C

 

« Attract and Retain Great Cyber Security Talent
Russia - NATO Cyber War Heats Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Ethio-CERT

Ethio-CERT

National Cyber Emergency Readiness and Response Team of Ethiopia.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Zivver

Zivver

Zivver is the effortless, secure email platform, powering the next generation of secure communications.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

Ensign InfoSecurity

Ensign InfoSecurity

Ensign InfoSecurity is Southeast Asia’s largest pure-play cybersecurity firm.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

Hardenite

Hardenite

Hardenite solution helps R&D, DevOps and IT teams to continuously manage security risks and hardening efforts of any Linux OS – based product, throughout the product life cycle.

Invensity

Invensity

INVENSITY is an interdisciplinary technology and innovation consulting company. Centres of excellence include Cyber Security and Data Privacy.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

Terralogic

Terralogic

Terralogic is a software and IT services company, an expert in IoT, Cloud, DevOps, App development and Cybersecurity.

Tabidus Technology

Tabidus Technology

Tabidus Technology is a cybersecurity association that unites and provides the global protection options against cyber threats.

Citadel Cyber Security

Citadel Cyber Security

Citadel is a leading 'One Stop Shop' provider of consulting services in cyber and information security. Our experts operate in hundreds of business organizations in Israel and around the world.

Palitronica

Palitronica

Palitronica build cutting-edge hardware and breakthrough software that revolutionizes how we defend critical infrastructure and key resources.

AFRY

AFRY

AFRY is a world leading engineering company, trusted as a supplier of services and solutions within the industry, energy, and infrastructure sectors as well as for authorities.

DarkFeed

DarkFeed

DarkFeed is a Threat Intelligence provider that monitors the darknet in real-time, where hackers and Cyber criminals are most active.

ZENDATA

ZENDATA

ZENDATA are an innovative provider of intelligent, tailored cybersecurity solutions to global companies and public sector institutions.