Wednesday, October 29th, 2014
5 Things Every CSO Should Do About Cyber Security NOW.
The last six months have seen an unprecedented level of cyber security breaches in major corporations. Coupled with high-profile vulnerabilities like Heartbleed, Shellshock and POODLE, it feels as though the enterprise is in a constant state of firefighting or damage control.
Based on my experience in this sector, I’ve outlined the five key areas I believe a CSO needs to include when defining a strategy to secure company data and business reputation.
1. Understand the Threat Landscape.
Cybercrime is a complex business. The threats are constantly evolving, and traditional point technologies are struggling to keep pace with them. Organisations need to adapt to the world of big data and network analytics so that they can correlate and interpret the warning signs already present in their network traffic. The world has moved on from first-generation point security solutions to second-generation, intelligence-driven security.
2. Prioritise Cyber security
A recent report from E&Y indicated that 98% of CSOs report to the CIO. In my view the CSO should have parity with the CIO and report to the CEO and the board. Security can no longer be hidden away under IT: the challenge is too complex, new legislation is introducing severe penalties, and a breach can do lasting damage to the brand. For these reasons I believe security and compliance need to be recognised on a par with general IT.
3. Decide on the Crown Jewels now
What are you trying to protect? Is it customer data? Is it financials? Is it just your website? Or does it go much deeper than this, to intellectual property and patents? Decide what is crucial to you, and build your security architecture around protecting that.
4. Data Protection Legislation
In 2012, the EU Commission proposed a major reform of the EU legal framework on the protection of personal data. The proposals would strengthen individual rights and tackle the challenges of globalisation and new technologies. They would also make breach notification mandatory, with substantial fines for companies that fail to disclose breaches of their systems. It’s a good idea to begin discussing now how your company would comply with data privacy and breach notification regulations.
5. Have a Plan
Once you have determined your risk profile and decided on your most critical information assets, decide how to deploy resources. If you are breached, you will need to deal with a fast-developing crisis with lots of moving parts.
– Have a proven forensics plan in place. A breach is as likely to originate with an insider as with an external attacker, and every day companies run into incidents of employee misconduct, data breaches, and intellectual property theft. Investigating any of these, whether a data breach, insider trading or another security problem, requires extensive digital forensics capability, and that capability needs to exist before the incident rather than be improvised during it.
– Have a remediation plan in place. This sounds elementary, but once one vulnerability has been exploited, further breaches can follow in quick succession.
– Consider now the costs you might need to lay out, including any losses the breach may cause, consulting costs, potential liability, potential court cases, and insurance.
– Document a plan for how the breach will be communicated to the media.
If you want to find out more about how to protect your organisation from the most sophisticated attacks, attend our high-level seminar in Belfast on November 7th. You can register for the event here.
Twitter : @smarttech01
Image via CyberAlert.com