Computer security is no longer just the preserve of the CEO and the IT department. Threats have become so ubiquitous, illegal entry points so numerous, and the consequences of a violation so severe that every member of the organization must play an active role in protecting information against cyber threats.
Here are some tips that range from basic to advanced. Some organizations have already addressed some or even many of them, but not all have addressed the issue adequately.
Focus on what matters: Identify and document the critical business functions and information assets that must be protected against cyber attack.
Be aware of the risks: No matter how strong your current security measures are, cyber criminals probably know how to get around them. What is needed, therefore, is a risk-based approach to cyber security that prioritizes risks according to their likelihood and impact, so that exposure to cyber risk can be managed effectively.
Know your friends: To help combat this situation, take an inventory of your extended relationships: supply chain, subcontracting, alliances, clients, suppliers, contractors, etc. Include anyone who has access to the IT infrastructure, and seek to ensure that they are protected from cyber threats.
Become a detective: Develop capabilities to detect threats to your critical business functions, information assets and operational continuity. Through centralized monitoring of your systems, you can detect threats in real time, allowing you to respond quickly enough to mitigate the negative impacts.
Develop plans: When it comes to cyber attacks, prevention is only half the battle. Even the best systems and the most vigilant organizations may be compromised. That’s why it is necessary to establish procedures for reacting to cyber attacks from the trust, legal, technical, business, organizational and brand points of view.
Break down your own doors: Conduct cyber attack simulations, which can help prove the effectiveness of the organization's emergency measures and the ability of its systems to detect intrusions and withstand attacks. This will improve both resilience plans and defensive strategies for rapid recovery and return to work.
Protect what is vulnerable: Cyber criminals increasingly evade current security controls to attack vulnerable applications. To protect critical business systems, ensure timely patching and software updates for your assets at risk.
Be smart: Improve the organization's capacity to proactively detect and mitigate imminent and emerging cyber threats by drawing on the knowledge of industry associations, as well as commercial and open source intelligence sources. Whether the skills are built internally or externally, the key is to establish proactive cyber threat intelligence capabilities.
Guard your reputation jealously: Companies that suffer a cyber attack face more than just financial loss. They also run the risk of brand damage and loss of public confidence. To protect the company's reputation, you need to know who is talking about the brand and what is being said. By constantly monitoring the brand online, you can often prevent trademark, copyright, and other intellectual property infringement. More significantly, by improving your cybersecurity posture, you can protect your corporate assets and confidential customer and employee data from the beginning.
Encourage cyber awareness: The weakest link in cyber security is not technology; it is people. Social engineering attacks that use phishing emails, among other techniques, often trick users into disclosing confidential information or mislead them into downloading malware. This makes it easier for attackers to penetrate the network without having to resort to more traditional methods of hacking. For this reason, educating employees so that they are aware of these risks and threats is essential.