Proactivity Is Key To Effective Cybersecurity

Uploaded on 2019-09-03 in NEWS-Cybersecurity News, JOBS-Training, FREE TO VIEW

All organisations should assume they will experience some sort of cyber security incident sooner or later, probably sooner, adds Nadia Veeran-Patel, Manager: Cyber Resilience, ContinuitySA a leader in S African IT security.
 
“Plan for the worst and, most important of all, know what to do when an incident occurs. Understanding that a successful attack will be launched is the basis of a proactive approach to information security and risk management,” she advises.
The statistics say it all. The SiteLock 2019 Website Security Report indicates that, while hacks have become harder to detect, the number increased by 59% in 2018. 
 
The Report makes it clear that small businesses are as much targets as larger corporates, virtually all businesses have Web sites nowadays, and 17.6 million Web sites have malware at any given time.
 
The numbers of people affected by site hacks are mind-boggling, just one example is that 147.9 million consumers were affected by the Equifax breach in 2017. Seventy percent of organisations say they believe their security risk increased significantly in 2017. However, says Veeran-Patel, it’s critical to look at cyber security holistically. “After all, while plenty of attacks do indeed arrive via the Internet, they can also show up at the front desk with a USB drive, or peer over your shoulder in a busy coffee shop,” she notes. 
 
“Organisations need to conduct a proper risk assessment and then develop a roadmap matched to their cyber security strategy, you need to know where you are going and how to get there. It’s also important to get guidance on the tools necessary to address any gaps and minimise the risks identified.”
 
Once an attack has happened, it’s important to take the time to evaluate the short, medium and long-term impacts. These will vary, but one basic business resilience measure that will reduce the impact of threats is reliable, consistent and easily accessible backups. 
 
In summary, Veeran-Patel says the following best practices should be followed:
 
• Plan for the worst and ensure you identify your risks and mitigation strategies upfront.
• Make sure you have a reliable backup process in place, with a clear understanding of what your information assets are, how often they should be backed up and how quickly each one needs to be recovered. These decisions need to be made by the business in conjunction with the IT department, never just the latter.
• Identify owners of information assets across the business and ensure they are part of the risk management process.
 
One final point is that cyber security is ultimately a function of corporate culture. Everybody in the organisation needs to understand the risks and the role they can play in making the organisation secure. 
 
ITWeb:              Image: US Homeland Security
 
For Cyber Training for your organisation, for a sensible training time and cost, Contact  Cyber Security Intelligence 
 
You Might Also Read: 
 
Cyber Essentials For Board Directors:
 
 
 
« Maritime Shipping Is Badly Exposed
Easy Cyber Knowledge Chapter 3 - Social Media & Social Change »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Information Risk Management (IRM)

Information Risk Management (IRM)

IRM is an international consultancy dedicated to helping organisations solve key business issues. We provide strategic cyber security advice across a wide range of sectors.

Lima Networks

Lima Networks

LIMA design and deliver IT Infrastructure solutions and services including managed Security Monitoring services.

Veeam

Veeam

Veeam is the leader in intelligent data management for the Hyper-Available Enterprise.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

IGX Global

IGX Global

IGX Global is a provider of information network and security integration services and products.

Ekran System

Ekran System

Ekran System is an advanced insider threat detection solution for companies of any size.

TechArch

TechArch

TechArch helps customers to optimize their investments in cybersecurity by providing them independent and vendor-neutral consultation and guidance.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

CyberCyte

CyberCyte

CyberCyte provides a disruptive built-in integrated physical, network and perimeter security solution framework.

Sixteenth Air Force (Air Forces Cyber)

Sixteenth Air Force (Air Forces Cyber)

Air Forces Cyber provides mission integration of Information Warfare at operational and tactical levels, creating dilemmas for adversaries in competition and, if necessary, future conflicts.

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

Suresecure

Suresecure

Suresecure are a specialised consulting company providing Strategic IT security consulting, Managed Security Services, and Incident Response Management.

Acumera

Acumera

Acumera is a leader in managed network security, visibility and automation services.

Cybernatics

Cybernatics

Cybernatics is inspired by bringing together best-in-class innovations around Cybersecurity and Analytics. We offer tailored enterprise solutions to safeguard your organisations best interests.

BreachBits

BreachBits

BreachBits are on a mission to deliver world-class cyber risk insights continuously at scale in situations where knowing the true risk truly matters.

Cork

Cork

Cork is a purpose-built cyber warranty company for managed service providers (MSPs) serving small businesses (SMBs) and the software solutions they manage.