Between
January 2005 and April 2018, there have been more than 8,000 recorded
breaches, with the number growing every day. With the recent Facebook
network breach exposing over 50 million records, we are reminded just
how devastating a data breach can be.
The
month of October is officially set aside as National Cyber Security
Awareness Month. Throughout the month, the theme for the holiday
emphasizes the importance of "Stop. Think. Connect." The message
encourages individuals to take security and safety measures, understand
the consequences of their behaviors online and to enjoy the benefits of
online connection.
Several
technology leaders have reflected below on the necessity of an IT
security team, and the importance of building a strong cybersecurity
strategy throughout the year.
Gary Watson, founder and CTO, Nexsan:
"Today's
connected world is full of security threats and vulnerabilities.
Unfortunately it's a natural tendency to overlook just how dangerous
hackers, ransomware, phishing and viruses can be. When you buy a bike
you should purchase a helmet for safety and security just as IT pros
should be purchasing the right protection for their technology. Equally
important is to have a second line of defense in place when the
inevitable does happen. During this National Cyber Security Month,
organizations should consider investing in archive storage - it's a
stable, reliable solution for storing data on a central, secure
repository, both at home and at work. My advice for IT pros navigating
through the modern technology world would be to buy your protection, put
on your helmet and enjoy the ride," said Gary Watson, founder and CTO,
Nexsan.
Stephen Moore, chief security strategist, Exabeam:
"Health
and wellness draw many parallels with cybersecurity. Patients must be
proactive with regular checkups-- as well as emergency visits or
appointments when they're sick or injured. Organizations that handle
sensitive data must implement constant security checks, as well as rapid
incident response and triage when needed-whether the attack is caused
by an insider threat, nation-state actor or cybercriminal. Those in the
medical field must be meticulously detail-oriented, constantly studying
and quick to react to new illnesses and injuries they've never
encountered before to cure their patients and help them thrive.
Cybersecurity professionals must have the same dedication and fast
reaction time to protect their businesses and customers' data. And it's
time they get some recognition.
October
is National Cybersecurity Awareness Month (NCSAM), a time to appreciate
those already working in the field that makes this data protection
possible-- and to highlight some of the benefits for those who may be
interested. Positive sentiments around overall job satisfaction, salary
and emerging technology show why cybersecurity is a great field to work
in - on top of the fact that you get to play a role in keeping important
information out of adversaries' hands.
A
recent report revealed that 80 percent of those in the field feel
secure about the future of their jobs, identifying the most satisfying
aspects as: always learning something new, defending companies and
catching threats and working with extraordinary people and teams. And
the salaries help- the median range is $75,000 - $100,000 per year, with
34 percent earning more than $100,000. They get to work with
cutting-edge technology on a daily basis-with most professionals finding
endpoint detection and response (EDR), user behavior analytics and
artificial intelligence (AI) to be the most helpful in pinpointing
cyberthreats. Plus, 75 percent agreed that advances in machine learning
and AI can make their jobs even easier-with adoption increasing each
year. Does this all sound exciting to you? Current pros recommend new
grads continuously learn new things, pursue new certifications, partake
in internships and perhaps, most importantly, do what you love.
This
NCSAM, we hope consumers and businesses continue to educate themselves,
cybersecurity professionals can take stock and be proud of their work,
and those interested in the field begin to take the steps needed to
enter and excel in it." - Stephen Moore, chief security strategist, Exabeam
Jeannie Warner, security manager, WhiteHat Security:
"More
than ever, cybersecurity is a moving target, and staying ahead of the
curve is a challenge. When you go online, it's a simple fact that you
are putting your personal data at risk. Breach Level Index found that
more than 3,000 records are stolen each minute, which translates to more
than 50 records each second. Even further, the recent Facebook hack
affecting upwards of 50 million accounts has proven that user data is
always vulnerable.
This
October marks the 15th annual National Cyber Security Awareness Month
(NCSAM). What began as a collaborative effort between government and
industry has possibly never been more relevant than now, serving as an
apt reminder to us all to not only be more conscious of cybersecurity
threats, but how we as individuals and businesses can proactively
mitigate cyberthreats. No one wants to be an easy target, so here are a
few security strategies to help organizations stay ahead:
-
Be
proactive and build applications with security in mind every step of
the way. It may take a bit more time or cost a bit more money, but it's a
solid investment to prevent media embarrassment and loss of trust from
your users and the public at large, all of which will negatively impact
your business. Be extra careful when using other social media logins for
federated identity or SSO code.
-
Encourage
employees to not reuse passwords. If a username/password pair is leaked
in a data breach, attackers will try these credential pairs on many
different web services. If you use the same password for multiple
services, this is one of the easiest ways for your account to become
compromised.
-
Don't
wait to remediate your vulnerabilities. It's better to be safe than
sorry. Patch all vulnerabilities no matter how small the possible damage
might be," said Jeannie Warner, security manager, WhiteHat Security.
Matt VanderZwaag, director of product development, US Signal:
"Recent
cyberattacks on major companies like Facebook, Instagram, British
Airways and more have proven that the threat landscape is becoming even
more complex and sophisticated. In fact, the US Signal 2018 Security
‘Health of the Nation' survey, revealed that 81 percent of organizations
witnessed an increase in cybersecurity challenges in the past year.
On
the 15th anniversary of National Cyber Security Awareness Month, it's
important think about how your organization can work to prevent and
mitigate cyberattacks. A few key strategies include:
-
Know
your data and your weaknesses: Document this information as your
starting point for ensuring the security of your data and IT systems.
This will help you identify your IT systems' vulnerabilities, so you
know where to focus your security efforts.
-
Get
defensive: Up-to-date firewalls, ad-blockers and script-blockers in
browsers, and email security products can block known malicious senders
and strip known malicious attachment file types.
-
Employ
strong password security: Everyone in your organization should use
strong passwords, making them as long and as random as possible.
-
Seek
out support. Not every organization has sufficient internal resources
to manage their numerous security and IT tools. Solution providers often
offer a team of experts to support the implementation and
monitoring-take advantage where you can!
The
bottom line is companies must invest in the right talent and solutions
to meet strict regulations like GDPR and defend against threats to
secure themselves for the future. NCSAM is the perfect time to refresh
security strategies and reinvigorate employee knowledge," said Matt
VanderZwaag, director of product development at US Signal.
Neil Barton, CTO, WhereScape:
"National
Cyber Security Awareness Month is a good opportunity for businesses to
reflect on the systems in place to protect the security of data at rest
and in transit. Using data automation solutions can help reduce the
risk, time and cost of deploying changes to, and updating data offered
within your data infrastructure. By limiting or negating the need for
manual input, which can better protect against security vulnerabilities.
In addition, the use of data automation software to conduct repetitive
development and deployment tasks frees up IT staff to ensure the data
infrastructure is delivering results with security top of mind," said Neil Barton, CTO, WhereScape.
Todd Kelly, chief security officer, Cradlepoint:
"Despite
the best efforts of the global IT community, cybercriminals continue to
make their way into what many believe are secure networks. The fact is
that when it comes to IT security, our businesses, organizations and
government agencies remain outmatched by hackers who are becoming bolder
and more sophisticated. Even while the network security industry
introduces more effective detection and defense solutions, the
traditional "fixed perimeter" based approach to network security is
quickly becoming obsolete. My advice this National Cyber Security Month
is to recommit to trusted security practices while adopting new
approaches that leverage wireless, software-defined and cloud
technologies. This is especially important as we move into the era of
the Connected Enterprise and the need for more agile and pervasive
networks," said Todd Kelly, chief security officer, Cradlepoint.
Scott Parker, director of product marketing, Sinequa:
"The
increased severity of security breaches due to cybercrime poses a
strategic challenge for federal and state security services. Increasing
efficiency and speed, controlling the means of communication used by
hackers, but also, and above all, anticipating the lead-up to such
actions, are all challenges that persist. In this mass information age,
the ability to surface information and insights from huge volumes of
structured and unstructured data is absolutely crucial in stopping
hackers. This National Cybersecurity Month, companies should look for
tools such as cognitive search and analytics technologies that surface
patterns and relationships along topical lines across disparate silos of
information. Being able to analyze and extract key information in the
fight against cybercrime as quickly as possible will revolutionize the
work of organizations mobilized in this struggle," said Scott Parker,
director of product marketing, Sinequa.
Gijsbert Janssen van Doorn, technology evangelist, Zerto:
"It's
typical that when an organisation thinks of cybersecurity, it often
looks to firewalls and intrusion detection software first. Yes,
protection is important; however, in a culture where attacks and
downtime are no longer a matter of ‘if', but ‘when', these precautions
are not enough. Organizations also need to be prepared for what happens
after a disruption, and will be judged not only on keeping people out
and data safe, but also on how quickly they are back to functioning as
normal - how resilient they are.
In
a recent survey conducted by IDC, 93% of companies said they've
experienced a tech-related disruption, and 79% of those businesses lost
money either directly, or through paying for additional recovery
expertise.
The
US framework for National Cybersecurity acknowledges protection as a
key element of any company's defence, but equally important is the
ability to recover. Organizations need robust, comprehensive
cybersecurity plans that range from prevention measures all the way to
easily accessible, up-to-date backup as part of disaster recovery.
Platforms and tools that combine these capabilities and take advantage
of the latest technology - like cloud backups and DR sites - empower
organizations, in moments of crisis, to have faith in the plans they
have set up, support the business in rebounding from an attack and truly
prove the resilience of IT," said Gijsbert Janssen van Doorn,
technology evangelist, Zerto.