8 cyber security resolutions for 2018
Happy new year 2018!
There is no doubt that 2017 has been a bad year for cyber security, with the Equifax breach, Wannacry ransomeware, Russian social media manipulation, etc... But to get you ready for 2018, here are our top 8 cyber-security recommendations to survive through this new year:
- Get ready for GDPR
Like it or not, GDPR is coming in May and most companies that do business in the EU are still not compliant. With fines ranging from a simple warning of non-compliance to up to $20 million EUR or 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater, you should be looking into it.
- Educate your employees
Security is not simply a CIO, CSO, or IT department issue. Breaches, leaked documents, and cyber-security attacks impact stock prices and competitive edge. It is a responsibility that must be shared among all employees; CEOs and board members must proactively mitigate future challenges.
- Be proactive about ransomware
A few simple steps can help you reduce or mitigate these attacks: Staying up to date with patches, antivirus and malware updates, backing up regularly and testing your backups, but also don't forget to strengthen your real time defense.
- Check your peripheral defense through penetration testing
Nothing beats real life testing. Stop trying to imagine what the threats might be and go for a reality check! There is no better way to assess your security posture than to let professional hackers try to get into your systems, and letting them report back the holes in your defense.
- Integrate security right in your product design
DevOps should become DevSecOps, security needs to be considered right at conception time, not merely patched once deployed in the field. Catching a security hole during development is several orders of magnitude cheaper than discovering it later, especially after a data breach. It's never too late to review your source code to check for obvious vulnerabilities, or get professional help to do it for you.
- Get prepared for a data breach
If you have been in business long enough, you should know that it's not if you will get breached, it's when. Detecting an attack and/or dealing with its consequences requires you to be prepared with a solid plan of action. Business continuity is crucial for your business and nothing can help you more than preparing procedures for disaster recovery, information leakage, or brand and reputation damage.
- IoT threats are real
Internet of Things is revolutionizing our lives but they don't always come with the proper security protections. The emergence of this new segment is an armed race for new companies to dominate the market, and security is often an afterthought. This can offer a massive opportunity for hackers to penetrate your systems through devices you hadn't considered harmful. Because IoT sometimes accesses your personal information or some of your critical infrastructure, it is increasingly becoming the preferred attack vector for hackers.
- Reduce your attack surface
Review and reduce what you are exposing externally and internally. The attack surface gives hackers a foothold into your systems from which to further attack your organization or other organizations. By eliminating blind-spots in your security and reducing the opportunities for hackers to gather data on your organization, you can dramatically decrease the probabilities of a data breach.
About Silent Breach: Silent Breach is an award-winning provider of cyber security services. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and IoT industries.
Like it or not, GDPR is coming in May and most companies that do business in the EU are still not compliant. With fines ranging from a simple warning of non-compliance to up to $20 million EUR or 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater, you should be looking into it.
Security is not simply a CIO, CSO, or IT department issue. Breaches, leaked documents, and cyber-security attacks impact stock prices and competitive edge. It is a responsibility that must be shared among all employees; CEOs and board members must proactively mitigate future challenges.
A few simple steps can help you reduce or mitigate these attacks: Staying up to date with patches, antivirus and malware updates, backing up regularly and testing your backups, but also don't forget to strengthen your real time defense.
Nothing beats real life testing. Stop trying to imagine what the threats might be and go for a reality check! There is no better way to assess your security posture than to let professional hackers try to get into your systems, and letting them report back the holes in your defense.
DevOps should become DevSecOps, security needs to be considered right at conception time, not merely patched once deployed in the field. Catching a security hole during development is several orders of magnitude cheaper than discovering it later, especially after a data breach. It's never too late to review your source code to check for obvious vulnerabilities, or get professional help to do it for you.
If you have been in business long enough, you should know that it's not if you will get breached, it's when. Detecting an attack and/or dealing with its consequences requires you to be prepared with a solid plan of action. Business continuity is crucial for your business and nothing can help you more than preparing procedures for disaster recovery, information leakage, or brand and reputation damage.
Internet of Things is revolutionizing our lives but they don't always come with the proper security protections. The emergence of this new segment is an armed race for new companies to dominate the market, and security is often an afterthought. This can offer a massive opportunity for hackers to penetrate your systems through devices you hadn't considered harmful. Because IoT sometimes accesses your personal information or some of your critical infrastructure, it is increasingly becoming the preferred attack vector for hackers.
Review and reduce what you are exposing externally and internally. The attack surface gives hackers a foothold into your systems from which to further attack your organization or other organizations. By eliminating blind-spots in your security and reducing the opportunities for hackers to gather data on your organization, you can dramatically decrease the probabilities of a data breach.