[BreachExchange] Cybersecurity Protection: Don't Unknowingly "Leave the Door Open" to Your Business Information

Audrey McNeil audrey at riskbasedsecurity.com
Mon Nov 7 18:56:25 EST 2016


http://www.dhbusinessledger.com/article/20161104/insights/161109115/

"I'm the CEO - my CFO and IT guys have it covered." "I'm the CFO - my IT
department takes care of that." "I'm the CIO - it's my responsibility and I
have it covered." Sound familiar?

That's how many management teams at small to medium-sized businesses think,
until the unthinkable happens. Unfortunately, the unthinkable is happening
more frequently in the world we live in. If you haven't guessed it yet, I
am referring to the protection of your company's and your clients'
electronic information and systems, which are vital to the ongoing success
and survivability of a business.

Your business may be impacted sooner than you anticipate as instances of
cybertheft are increasing exponentially. Cyberthieves are growing in number
due to the many recent publicized successes of data theft and the
relatively easy access on the internet to the tools needed to execute
cybercrimes. Keep in mind that these cyberthieves could include one of your
current or former employees, a key competitor in your industry, a
nation-state hacker from any country around the world, or even an organized
group of hackers. The motivation of each of these groups can vary, but the
vast majority are looking to make easy money by stealing and selling your
business information, holding that information for ransom or leveraging it to
perpetrate further theft.

You may ask, "What can I do about it? I've done as much as possible." If
that's your thought process, you probably should reconsider. As an analogy,
you may recall hearing about the days when homeowners felt safe leaving
their doors open all day and all night. Or you might be lucky enough to
have experienced those relatively carefree days. Today, you would be
considered foolish if you left your house doors open and didn't expect
someone to come in and take your valued possessions. So there's a very real
possibility that you are unknowingly "leaving the doors wide open" to your
business information. In the same way that you lock your doors and maybe
install a home alarm, there are certain precautions that you should take to
reduce the risk of cybertheft by the growing number of cyberthieves.

Precautions to take

1. As a company owner, CEO, CFO, or other non-IT senior business manager,
you should meet with your CIO on a regular basis and take co-ownership of
information security. Spend the time that is needed to gain an
understanding of cybersecurity risks, and the potential solutions and costs
associated with protecting your company's and your clients' critical
information.

2. As the CIO or head of the IT department, be sure to engage the company's
owners and non-IT senior managers to help them gain a better understanding
of your current information security risks and the costs of mitigation.
Consider implementing a "risk register" to sufficiently capture, assess and
rank risks, and develop agreed-upon risk treatment plans.

3. You may have spent significant dollars on the latest technology
(firewalls, IPS/IDS, anti-malware, DLP, etc.), but all of that technology
requires people to properly operate, maintain and monitor your systems.
Every company is at risk if it doesn't have a layer of manual controls over
the technology environment to:

A. Monitor and respond to system alerts

B. Keep IT devices (servers, desktops, laptops, routers, firewalls, etc.)
configured according to best practices

C. Keep user access to applications, data and IT assets restricted over time

D. Follow a formal process for testing and approving changes to system
hardware or software

E. Monitor the system for vulnerabilities and respond to results of
penetration testing

F. Make sure that software and data are backed up as intended by management,
and periodically perform restore testing