October officially welcomes the start of a spooky season. Summer is over, the days are shorter, pumpkin patches are overflowing and Halloween decor is around almost every corner. So, what better time to protect yourself from potential IT scares than National Cyber Security Awareness Month?
Having tight cyber security in place is imperative for IT companies. With a huge amount of important data now being logged online, it is vital to keep employees’ and customers’ information safeguarded. Information Security Buzz spoke with number of technology experts who discuss the importance of staying vigilant with IT security, whilst sharing tips to help keep you and your team protected.
With the advice from these experts, stay one step ahead and scare the security threats away this National Cyber Security Awareness Month.
Let’s face it – no company is immune to data breaches.
Security and data privacy are without a doubt one of the biggest concerns facing modern enterprises today. Yet most businesses today lack a firm grasp of their data – where it lives, who has access to it and how it’s being shared.
Often times, organisations tend to focus their efforts and investments in protecting the exterior alone. But breaches can and do happen from the inside.
In fact, up to 90% of valuable data lives in internal, downstream environments like development, testing, and analytics. Failing to protect the sensitive data in these locations can significantly open your organisation up to security breaches.
Cyber security is only as strong as your weakest entry point, and if the data in your internal environments is not masked, you will be putting yourself at risk of security breaches.
This Cybersecurity Awareness Month offers businesses a timely opportunity to re-examine their security practices and identify the weak points – both internal and external.
Robust cybersecurity truly starts from the inside.
1. “This Cybersecurity Awareness Month, it is important to take a hard look at the frightening shortage of cybersecurity professionals in the workforce, which is expected to leave 3.5 million jobs left unfilled in the cybersecurity industry. There is no quick fix to closing this gap, but steps can be taken right now in schools with children who show interest in technology to teach them the value of becoming part of the security industry. It is up to parents, teachers, and even the security community, to nurture a child’s natural desire to tinker with technology so that he/she will have a greater interest in pursuing a cybersecurity career as an adult.”
2. “Every industry has a security element, so even though a job may not be technical in nature, chances are an organization’s employees must deal with cybersecurity on some level. For this reason, it is important for companies to hire interns or entry-level candidates with degrees in math and/or philosophy, since these degrees teach people logic and problem-solving techniques – valuable skills that all cybersecurity professionals must possess.”
3. “It takes a lot more for today’s cybersecurity professionals to be successful at their jobs than just understanding how to hunt for and detect cyberattacks. In order to truly stay one-step ahead of today’s breaches, security professionals need to participate in all the options associated with cybersecurity. For example, learn a programming language like python since the traditional security engineer (who does not know programming or scripting languages) is slowly becoming obsolete. If security professionals cannot speak in a developer’s language, then they will struggle when talking risk to them.”
Follow the 3Ms to protect your identity and finances, especially during National Cybersecurity Awareness month. Minimize your risk of exposure, monitor your accounts and your identity so you know as quickly as possible if you have an issue and manage the damage. Reduce your attackable surface by never clicking on suspicious links or attachments, using long and strong passwords that you don’t share across your universe of accounts and websites, enabling two factor authentication, avoiding public Wifi, not downloading apps from anywhere other than legitimate app stores, securing your mobile and internet-of-things devices with up-to-date security software and unique passwords, and limiting oversharing on social media. Freeze your credit, it’s now free.
Although October is Cybersecurity Awareness month, organizations need to consider matters of security with the utmost importance every day, not just this month – particularly when it comes to cloud. Cloud security challenges can vary greatly depending on how far along organizations are on their digital transformation. On the one hand, more conservative and regulated enterprises find themselves inhibited along their digital transformation journeys, while on the other hand, more aggressive digital natives are left exposed to punitive data protection legislation and increasingly privacy conscious consumers. For any organization looking to protect against a data breach, encrypting data and adopting industry best practices for managing encryption keys is crucial. Leveraging colocated encryption key management services that secure encryption keys in a Hardware Security Module (HSM) outside of, but in close proximity to, the cloud environment in which their applications reside allow for high performance, low latency integration with cloud apps without compromising on security or compliance.
The number one lesson of Cybersecurity Awareness Month for every company should be that cybersecurity is no longer just an IT issue; it’s an existential issue for the whole business. Any device that collects information is ripe for attack. For example, at Sharper Shape we use drones to collect data that helps prevent fires. And while we don’t in any way collect private or personal information, our security measures ensure that only those using our application can access the data. We do this not because we are under immediate threat, but because we never know when we could be.