How To Keep Your Business Data Safe

Uploaded on 2017-11-09 in FREE TO VIEW, NEWS-Cybersecurity News

One of the US’s leading experts on cybersecurity says all businesses are vulnerable to hacking. But he also asserts that there are ways to protect sensitive data.

Col. Cedric Leighton, military analyst for CNN and former National Security Agency deputy training director, spoke Wednesday 27th September, at Bank of Utah’s Fall Speaker Event in Lehi about managing cybersecurity risk in any industry.

“I hope to increase awareness of cybersecurity issues so companies will think defensively in the cybersecurity realm. You need to realise every time you have a connection to the Internet you increase your vulnerability,” Leighton said in an interview after the event. “It is also equally important that you understand how to defend yourself pro-actively.”

His message during the presentation conveyed a sense of urgency for industries to adapt this “proactive defense” mentality. Citing pertinent examples of hacking, including the most recent news about Expedia, Leighton said the United States is in the midst of a cyber war.

“Data has become the world’s most valuable resources and the new data economy absolutely needs to be secured,” he said.

He refers to places like China, North Korea and Russia as nation-state hackers. These countries are blatantly working on massive hacking programs to further their goals of both economic and world dominance, Leighton said. He explained that the hacking is not just technical, but a psychological social engineering issue as well.

“Hackers engage in psychological manipulation. That’s what they do,” he said, using examples of hackers planting stories on new websites and hacker bots buying advertising on Facebook for political posturing. “It’s more about what actually happens in people’s minds.”

Leighton said he estimates the cost of hacking globally to be $2 trillion annually, with as much as half being the cost to the United States alone. He firmly believes cyber threats, combined with artificial intelligence and physical attacks, are the next frontier of global warfare.

To combat all of this, Leighton suggested public-private partnerships between government and businesses to create a “resilient cyber infrastructure,” and develop national cyber strategy. Companies also individually need to be creative, and “understand the threat vectors are many and varied.” Because of this, they need to reach out to specialists who have specialised in protecting those specific threat areas.

Leighton also cautioned business leaders in attendance of the biggest open door to their businesses, phishing scams.

Hackers have become highly sophisticated at pretending to be colleagues or friends in sending email messages. But their messages have malware links or PDFs that appear innocent. To combat this sanitisation software has been proven to be the most effective way to combat this within organisations.

Still, once businesses have proactively fortified their data security, the job still isn’t done.

“Even if you do all these things, it becomes a continuous process, because the attack vectors change all the time,” Leighton said. “The key watchword there is proactivity.”

Herald Extra:

You Might Also Read:

Cyber Security is Now Business Critical (£):

 

« Government Cyber War Games
When AI Takes Our jobs, Only Developers Stand A Chance Of Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

Redcentric

Redcentric

Redcentric is a leading UK IT managed services provider. We deliver managed IT, cloud computing, data backup, information security services and managed networks.

Glasswall Solutions

Glasswall Solutions

Glasswall Solutions has developed a disruptive, innovative security technology which provides unique protection against document based cyber threats.

Illumio

Illumio

Illumio delivers adaptive security for every computing environment, protecting the 80% of data center and cloud traffic missed by the perimeter.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

Information System Authority (RIA) - Estonia

Information System Authority (RIA) - Estonia

RIA ensures the interoperability of the state’s information system, organises activities related to information security, and handles security incidents in Estonian computer networks.

Perseus Cyber Security

Perseus Cyber Security

Perseus provides all-around digital protection for small and medium-sized businesses through state-of-the-art software solutions, flexible online training and emergency response.

Hacken

Hacken

Hacken provide a range of cybersecurity services including security assessments, blockchain security audits, and secure software development.

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Rezonate

Rezonate

Rezonate discovers, profiles, and protects Identities and their entire access journey to cloud infrastructure and critical SaaS applications. Preventing and stopping cyberattacks.

Opal Security

Opal Security

Opal is an identity and access management platform that offers a consolidated view and control of your whole ecosystem from on-prem to cloud and SaaS.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.