Cybersafety Connections October 2021 Vol#38
Perfect Peace Syndrome
Are you going around believing it will never happen to your organization? That state of mind I just learned is called ”Perfect Peace Syndrome” from the article “Is your Cybersecurity Strategy Still Relevant?” By Natalie Rooney in www.icpas.org.insight Fall 2021. It has been reiterated time and time again with cyberattacks, it is not If but When. As a small business, you can be prepared for cyberattacks by getting outside help or outsourcing.
Businesses have to evolve faster than cyber criminals to keep up. How do you organize your cyber defenses?
Technological and Human Defenses
There is no one best cybersecurity strategy. What organizations can do is to strengthen technological and human defenses.
Technological defenses at the basic level start with a firewall that can check emails and attachments to see if there are phishing links or viruses. Currently, anti-virus software is able to detect virus encrypting files, and fight it.
Technological defenses do not relieve human factors of the responsibility for cybersafety.
Human elements need to be educated and trained to recognize red flags in order to be able to protect against cyberattacks.
The training needs to keep pace with the ever-evolving threat in the cybersecurity landscape.
The good cyber habits we have continued to mention from your personal to professional remote lives can help fight against cyber-attacks. Here are some suggested cyber hygiene practices for all organizations 1.
- Know where critical data is stored and housed.
- Build and maintain a secure network including firewall and strong password requirements.
- Encrypting data.
- Maintaining a vulnerability management program that includes regularly updating anti-virus software and other types of preventive software.
- Using controls to restrict data access based on roles and identification.
- Having information security that covers employees, contractors, and third parties.
- Implementing software patches and software as soon as they are released.
The Business of Cybersecurity
Cybersecurity is not an IT business alone; it covers the whole organization and external parties. When there is a cyber-attack, it can lead to fines, penalties, and loss of trust.
Cybersecurity should be considered an enterprise risk. And the best strategy is for organizations to proactively build cybersecurity into any new products, services, transactions, technology upgrade at the onset. This is because once completed it would be difficult to incorporate cybersecurity and this gives cybercriminals a loophole to exploit.2
We all have to chip in everyone along with technology doing their part to keep our organizations safe.
Subscribe to get the latest post