#CyberFLASH: Seven ways to tighten cyber security

a-woman-uses-her-computer-keyboard-to-type-while-surfing-the-internet-in-north-vAnother year is drawing to a close, and with it come the usual look-back stories at what happened. Once again it wasn’t pretty. The question is what’s a CISO to do about it?

The answer is, cover all the bases while facing the demands of other parts of the organization for business agility. A big job? Well, security and agility aren’t incompatible, but like everything else in an enterprise they have to be reasonably measured with risk.

That brings me to an article I saw this week that outlines seven things CISOs should be taking to making their organizations more secure:

–Understand information assets. I’d make it clearer than that — understand that in addition to product design and intellectual property, all personal information held by the organization is also a target and has to be protected;

–Encrypt all data. Here’s where business units may object, fearing encryption of data at rest as well as in transit may slow down business processes. And small businesses may say it’s impractical. But the risk is too great to do otherwise.

Remember, no company is too small to be attacked: Last week CBC reported that a Calgary wine store had to pay a ransom to get its data back after an attacker infected its database. If you don’t want to or can’t encrypt data, at least have solid backup and recover processes so blackmailers can be ignored.

–Automate security processes where feasible;

Read more here

About canux
© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.