How To Keep Your Business Data Safe

One of the US’s leading experts on cybersecurity says all businesses are vulnerable to hacking. But he also asserts that there are ways to protect sensitive data.

Col. Cedric Leighton, military analyst for CNN and former National Security Agency deputy training director, spoke Wednesday 27th September, at Bank of Utah’s Fall Speaker Event in Lehi about managing cybersecurity risk in any industry.

“I hope to increase awareness of cybersecurity issues so companies will think defensively in the cybersecurity realm. You need to realise every time you have a connection to the Internet you increase your vulnerability,” Leighton said in an interview after the event. “It is also equally important that you understand how to defend yourself pro-actively.”

His message during the presentation conveyed a sense of urgency for industries to adapt this “proactive defense” mentality. Citing pertinent examples of hacking, including the most recent news about Expedia, Leighton said the United States is in the midst of a cyber war.

“Data has become the world’s most valuable resources and the new data economy absolutely needs to be secured,” he said.

He refers to places like China, North Korea and Russia as nation-state hackers. These countries are blatantly working on massive hacking programs to further their goals of both economic and world dominance, Leighton said. He explained that the hacking is not just technical, but a psychological social engineering issue as well.

“Hackers engage in psychological manipulation. That’s what they do,” he said, using examples of hackers planting stories on new websites and hacker bots buying advertising on Facebook for political posturing. “It’s more about what actually happens in people’s minds.”

Leighton said he estimates the cost of hacking globally to be $2 trillion annually, with as much as half being the cost to the United States alone. He firmly believes cyber threats, combined with artificial intelligence and physical attacks, are the next frontier of global warfare.

To combat all of this, Leighton suggested public-private partnerships between government and businesses to create a “resilient cyber infrastructure,” and develop national cyber strategy. Companies also individually need to be creative, and “understand the threat vectors are many and varied.” Because of this, they need to reach out to specialists who have specialised in protecting those specific threat areas.

Leighton also cautioned business leaders in attendance of the biggest open door to their businesses, phishing scams.

Hackers have become highly sophisticated at pretending to be colleagues or friends in sending email messages. But their messages have malware links or PDFs that appear innocent. To combat this sanitisation software has been proven to be the most effective way to combat this within organisations.

Still, once businesses have proactively fortified their data security, the job still isn’t done.

“Even if you do all these things, it becomes a continuous process, because the attack vectors change all the time,” Leighton said. “The key watchword there is proactivity.”

Herald Extra:

You Might Also Read:

Cyber Security is Now Business Critical (£):

 

« Government Cyber War Games
When AI Takes Our jobs, Only Developers Stand A Chance Of Work »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

Guardsquare

Guardsquare

GuardSquare is the global reference in mobile application protection. We develop premium software for the protection of mobile applications against reverse engineering and hacking.

Watchdata Technologies

Watchdata Technologies

Watchdata Technologies is a pioneer in digital authentication and transaction security.

Pixalate

Pixalate

Pixalate is an omni-channel fraud intelligence company that works with brands and platforms to prevent invalid traffic and improve ad inventory quality.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

SOCOTEC Certification International

SOCOTEC Certification International

SOCOTEC Certification International has been providing management systems assessment and accredited ISO certification services to organisations around the world since 1995.

M2SYS

M2SYS

M2SYS is a worldwide leader in identification and authentication solutions.

DDOS-Guard

DDOS-Guard

DDoS-GUARD is one of the leading service providers on the global DDoS protection and content delivery markets.

NetSPI

NetSPI

NetSPI is an information security penetration testing and vulnerability assessment management advisory firm.

Software Diversified Services (SDS)

Software Diversified Services (SDS)

SDS provides the highest quality mainframe software and award-winning, expert service with an emphasis on security, encryption, monitoring, and data compression.

RealCISO

RealCISO

RealCISO is a CISO grade cloud platform to help companies understand, manage, and mitigate their cyber risk.

International Association of Security Awareness Professionals (IASAP)

International Association of Security Awareness Professionals (IASAP)

IASAP provides a members-only virtual sharing platform where security awareness professionals engage in a lively, year-round exchange of information and ideas.

SquareX

SquareX

Squarex secures your online activities without compromising productivity.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

MIS Solutions

MIS Solutions

MIS Solutions is a managed cloud and IT security partner making technology work for you.

Strategic Security Solutions (S3)

Strategic Security Solutions (S3)

S3 is a leading provider of Cybersecurity consulting services for Identity and Access Governance (IAG), Zero Trust, and Enterprise Risk and Compliance.