5 Key Tips to Raise Your Cyber Risk Posture

by Katherine Bodendorfer

There is no single solution or approach that will address your top cyber risks to your revenue and reputation, but there are some straightforward steps you can take to secure your sensitive information and online transactions:

-Invest Smart, Not Big: As the threat landscape grows, it is a common mistake to assume you need to invest in all of the best of breed technologies(leading products and software tools) to secure your organization. It is important to understand the difference between investing in the best of breed technology and investing time in determining your top digital dependencies. What data or transactions if disrupted or stolen would bring your operations to its knees? This is where you start.

-Your Organization’s Cyber Resilience is Not an IT Issue: Cyber risk reduction is not the responsibility of the IT department. It a team responsibility. Invest in awareness training and help familiarize employees with potential risks. Do your employees know how to identify and report a suspicious email? A good place to start is to focus on cybersecurity awareness training; KnowBe4 is an integrated platform and was rated highest in cybersecurity training and education.

-Identify Your Key Information: Part of making a smart investment is identifying key information that you cannot afford to lose even if you have a copy. Securing everyone and everything is not effective and can be a costly and timely investment. Cybersecurity is about equipping your business with the right technology to provide added protection to your most sensitive data (PII, IP, $ data).

-Antivirus is Necessary but Not Sufficient: Are you operating under the misconception that you should only invest in antivirus software? Antivirus software is signature-based technology that identifies threats to your network, but it cannot identify threats it has not been programmed to recognize. Antivirus software is useful to a startup company or a small business without a network. But more advanced behavioral analysis like endpoint detection and response software (EDR is installed on all network servers and on all endpoint devices, like laptops, smartphones, tablets, and other devices to secure each endpoint) is needed if you have networked systems that the business owns and operates.

-You are a Target Every day: Regardless of your company size or Sector, you are now a target. It is simply a cybercrime and fraud numbers game. If you are a business, you have customers, and possess personal information (of your customers or employees) then you are a target. Everyone is a target. The best of breed technology is not worth the investment if you are not realistic and realize your company risks. The main attack vector a cybercriminal exploit is luring an average user via email, hacked pages or reproduced software. It is important for a company to create a security culture that balances technology investment, awareness training, and the usability of sensitive information.

Conclusion: Plan for a cyber-attack. Put in place appropriate mitigation and protection plans. Train your employees. Prevent cybercrime and Fraud. Start Here

Recommended Posts
Katherine Bodendorfer

Football and cybersecurity: With the big game still fresh in our minds, let’s apply a football framework to cybersecurity.

Terry Roberts

WhiteHawk CEO and President Terry Roberts, with contributions from Forrest Allen, comments on ways the utilities industry can capitalize on…

Katherine Bodendorfer

Because Phishing Email attacks are always evolving, below are 6 types of phishing attacks to watch out for in 2019.