January 10, 2024 | Posted in News
This year, cybercriminals will be as busy as ever. Are your departments ready to fight them?
Make your organization future-ready build your organization’s security awareness and skills:
Invest in your existing staff
The best sources for raw talent are in your pre-existing networking and system groups. Individuals in these groups already have a sound grasp of IT infrastructure, where most security attacks are likely to manifest. They can build upon this infrastructure foundation by adding cybersecurity skills, and they will also buy into the organization long-term when they see you are willing to invest in their education, certifications and career opportunities.
Assign someone in your staff to be a security analyst
IT security analysts research trends and security incidents around the world so you can anticipate what the security threats of the future will be and be ready for them. Most companies don’t have this position, which is why they get caught flat-footed when a new security threat emerges. Cybercriminals work 24/7 to develop the “next best attack.” Your company should be forward-thinking and proactive about security as well.
Create a budget reserve for security
IT departments budget for security threats they’re already aware of, but nothing is allocated for the threats IT doesn’t know about yet. If an unforeseen threat emerges, you have to have the budgetary wherewithal to purchase the tools to fight it. A reserve budget that can be activated for that purpose without having to go through lengthy budgetary exception approvals should be in place.
Make security awareness a cultural trait in your organization
Employees are a major source of security breaches. Unfortunately, many companies relegate employee security training to the fundamentals.
Employee security training, policies and practices should be fully and clearly documented, reviewed annually with employees and continuously emphasized by the CEO, the CIO, HR and other C-levels executives so they are deeply ingrained in your workforce.
Secure the edge of your enterprise
Globally, there will be over 25 billion IoT devices in use by 2030, and enterprises will be major users. With the growth of remote employee workforces and the distribution of more IT to the edges of enterprises, it will be imperative for IT to provide the same robust security at the edge as it does in the data center.
To patrol the edge, IT will need to do these six things:
1 Implement zero-trust networks that can monitor and administer employee access and permission levels.
2 Administer timely security updates for all edge IT assets.
3 Set security on all new incoming IoT devices so they conform to company standards.
4 Provide secure physical cages for IT equipment at the edge when it is not in use.
5 Ensure that edge employees and managers are thoroughly trained in IT security policies and procedures.
6 Include IoT edge and cloud in your DR plan and test them.
In conclusion: How much security is enough? If you’ve firewalled your network, installed security monitoring and interception software, secured your servers, issued multi-factor identification sign-ons to employees and implemented data encryption, but you forgot to lock physical facilities containing servers or to install the latest security updates on smartphones, are you covered?
Your comments will be welcome; if you need any assistance, let me know. You can reach me under hjschumacher59@gmail.com