How To Keep Your Business Data Safe

One of the US’s leading experts on cybersecurity says all businesses are vulnerable to hacking. But he also asserts that there are ways to protect sensitive data.

Col. Cedric Leighton, military analyst for CNN and former National Security Agency deputy training director, spoke Wednesday 27th September, at Bank of Utah’s Fall Speaker Event in Lehi about managing cybersecurity risk in any industry.

“I hope to increase awareness of cybersecurity issues so companies will think defensively in the cybersecurity realm. You need to realise every time you have a connection to the Internet you increase your vulnerability,” Leighton said in an interview after the event. “It is also equally important that you understand how to defend yourself pro-actively.”

His message during the presentation conveyed a sense of urgency for industries to adapt this “proactive defense” mentality. Citing pertinent examples of hacking, including the most recent news about Expedia, Leighton said the United States is in the midst of a cyber war.

“Data has become the world’s most valuable resources and the new data economy absolutely needs to be secured,” he said.

He refers to places like China, North Korea and Russia as nation-state hackers. These countries are blatantly working on massive hacking programs to further their goals of both economic and world dominance, Leighton said. He explained that the hacking is not just technical, but a psychological social engineering issue as well.

“Hackers engage in psychological manipulation. That’s what they do,” he said, using examples of hackers planting stories on new websites and hacker bots buying advertising on Facebook for political posturing. “It’s more about what actually happens in people’s minds.”

Leighton said he estimates the cost of hacking globally to be $2 trillion annually, with as much as half being the cost to the United States alone. He firmly believes cyber threats, combined with artificial intelligence and physical attacks, are the next frontier of global warfare.

To combat all of this, Leighton suggested public-private partnerships between government and businesses to create a “resilient cyber infrastructure,” and develop national cyber strategy. Companies also individually need to be creative, and “understand the threat vectors are many and varied.” Because of this, they need to reach out to specialists who have specialised in protecting those specific threat areas.

Leighton also cautioned business leaders in attendance of the biggest open door to their businesses, phishing scams.

Hackers have become highly sophisticated at pretending to be colleagues or friends in sending email messages. But their messages have malware links or PDFs that appear innocent. To combat this sanitisation software has been proven to be the most effective way to combat this within organisations.

Still, once businesses have proactively fortified their data security, the job still isn’t done.

“Even if you do all these things, it becomes a continuous process, because the attack vectors change all the time,” Leighton said. “The key watchword there is proactivity.”

Herald Extra:

You Might Also Read:

Cyber Security is Now Business Critical (£):

 

« Government Cyber War Games
When AI Takes Our jobs, Only Developers Stand A Chance Of Work »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

EC-Council

EC-Council

EC-Council is a member-based organization that certifies individuals in various e-business and information security skills.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

Cybercrowd

Cybercrowd

Cybercrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

Roke Manor Research

Roke Manor Research

Roke is a world-class electronics engineering consultancy. Areas of expertise include cyber security, cyber assurance and cryptographic solutions.

Netwrix

Netwrix

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach.

SCIS Security

SCIS Security

SCIS Security provides affordable cyber security services and solutions to small to medium sized businesses and homes.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

OAS Chain

OAS Chain

OAS Blockchain Renaissance Project presents three platforms that address the major challenges of public blockchain, private blockchain, and IoT security.

Cyber Defence Solutions (CDS)

Cyber Defence Solutions (CDS)

Cyber Defence Solutions is a cyber and privacy Consultancy with extensive experience in the development and implementation of cyber and data security solutions to your assets.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

Sealing Technologies (SealingTech)

Sealing Technologies (SealingTech)

SealingTech is a leader in cutting edge research, products, engineering, and integration services in the Internet of Things, Edge, Machine Learning, Artificial Intelligence, and Cloud.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

Arcserve

Arcserve

Defend your data with Arcserve all-in-one data protection and management solutions designed to be the right fit for your business, regardless of size or complexity.

Cyber Security Council UAE

Cyber Security Council UAE

The Cyber Security Council's vision is to protect UAE cyberspace, maintain confidence in our digital infrastructure and institutions, and build a cyber-resilient society.

Securadin

Securadin

Securadin - Defending Your Data Security. We will assist you in learning how to maintain the confidentiality, integrity, and availability of your organization's assets.

IndoSec

IndoSec

IndoSec is an annual cybersecurity summit that powers an in-person gathering of cybersecurity leaders from Indonesia’s major corporations, leading businesses and key government entities.