Proactivity Is Key To Effective Cybersecurity

Uploaded on 2019-09-03 in NEWS-Cybersecurity News, JOBS-Training, FREE TO VIEW

All organisations should assume they will experience some sort of cyber security incident sooner or later, probably sooner, adds Nadia Veeran-Patel, Manager: Cyber Resilience, ContinuitySA a leader in S African IT security.
 
“Plan for the worst and, most important of all, know what to do when an incident occurs. Understanding that a successful attack will be launched is the basis of a proactive approach to information security and risk management,” she advises.
The statistics say it all. The SiteLock 2019 Website Security Report indicates that, while hacks have become harder to detect, the number increased by 59% in 2018. 
 
The Report makes it clear that small businesses are as much targets as larger corporates, virtually all businesses have Web sites nowadays, and 17.6 million Web sites have malware at any given time.
 
The numbers of people affected by site hacks are mind-boggling, just one example is that 147.9 million consumers were affected by the Equifax breach in 2017. Seventy percent of organisations say they believe their security risk increased significantly in 2017. However, says Veeran-Patel, it’s critical to look at cyber security holistically. “After all, while plenty of attacks do indeed arrive via the Internet, they can also show up at the front desk with a USB drive, or peer over your shoulder in a busy coffee shop,” she notes. 
 
“Organisations need to conduct a proper risk assessment and then develop a roadmap matched to their cyber security strategy, you need to know where you are going and how to get there. It’s also important to get guidance on the tools necessary to address any gaps and minimise the risks identified.”
 
Once an attack has happened, it’s important to take the time to evaluate the short, medium and long-term impacts. These will vary, but one basic business resilience measure that will reduce the impact of threats is reliable, consistent and easily accessible backups. 
 
In summary, Veeran-Patel says the following best practices should be followed:
 
• Plan for the worst and ensure you identify your risks and mitigation strategies upfront.
• Make sure you have a reliable backup process in place, with a clear understanding of what your information assets are, how often they should be backed up and how quickly each one needs to be recovered. These decisions need to be made by the business in conjunction with the IT department, never just the latter.
• Identify owners of information assets across the business and ensure they are part of the risk management process.
 
One final point is that cyber security is ultimately a function of corporate culture. Everybody in the organisation needs to understand the risks and the role they can play in making the organisation secure. 
 
ITWeb:              Image: US Homeland Security
 
For Cyber Training for your organisation, for a sensible training time and cost, Contact  Cyber Security Intelligence 
 
You Might Also Read: 
 
Cyber Essentials For Board Directors:
 
 
 
« Maritime Shipping Is Badly Exposed
Easy Cyber Knowledge Chapter 3 - Social Media & Social Change »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NSFOCUS Information Technology

NSFOCUS Information Technology

NSFOCUS is a global service provider and enterprise DDoS mitigation solution provider.

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

Gurucul

Gurucul

Gurucul predictive security analytics protects against insider threats, account compromise and data exfiltration on-premises and in the cloud.

Norwegian Center for Information Security (NorSIS)

Norwegian Center for Information Security (NorSIS)

NorSIS) is an independent organization that works to increase knowledge and understanding of information security for businesses and individuals.

Cyber Intelligence (CI)

Cyber Intelligence (CI)

Cyber Intelligence is an award winning 'MSC status' cyber security education and training company.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

Infosec Partners

Infosec Partners

Whether you’re looking for complete managed security or an on-call expert advisor, we offer a range of managed security services to complement your internal team or primary outsource partner.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

Variti

Variti

Variti Intelligent Active Bot Protection technology — traffic analysis, detection and stopping of malicious bots in real-time and effective response to DDoS attacks.

Systems Assessment Bureau (SAB)

Systems Assessment Bureau (SAB)

Systems Assessment Bureau is an internationally recognized ISO Certification Body with a unique vision of “Excel together with global standards”.

Guidehouse

Guidehouse

Guidehouse is a leading global provider of consulting services to the public and commercial markets with broad capabilities in management, technology, and risk consulting.

HarfangLab

HarfangLab

HarfangLab develops a hunting software to boost detection and neutralization of cyberattacks against companies endpoints.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

NetScout Systems

NetScout Systems

NetScout assures digital business services against disruptions in availability, performance, and security.

System Two Security

System Two Security

System Two Security automates detection engineering and threat hunting.