October 12, 2015

Companies can realize big cybersecurity gains by making small changes

Best practices include altering behavior, tighter management to fend off the bad guys

Featured Story
By Byron Acohido, ThirdCertainty
Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Octo­ber is Cyber Secu­ri­ty Aware­ness Month, so des­ig­nat­ed by Pres­i­dent Oba­ma. It’s a good oppor­tu­ni­ty to advance the dis­cus­sion about how we must all work togeth­er to make the Inter­net safer.

In the accom­pa­ny­ing pod­cast, Idan Tendler and I out­line how we got to where we are today. That sets up dis­cus­sion about trends and pat­terns in motion that sug­gests the bad­ness fac­tor of the Inter­net can and will be mit­i­gat­ed over time.

Tendler, founder and CEO of Fortscale, is a ser­i­al entre­pre­neur steeped in the fields of net­work secu­ri­ty and threat intel­li­gence. Before found­ing Fortscale, Tendler was a lead agent of 8200—the cyber war­fare divi­sion of the Israeli Defense Forces.

As we dis­cuss in this pod­cast, soci­ety is deal­ing with secu­ri­ty and pri­va­cy chal­lenges that were unimag­in­able just 10 years ago. This is so because, on a dai­ly basis, we all use search, email and file shar­ing. Many of us live and die by our pro­duc­tiv­i­ty suites, CRM and cloud storage.

More: Com­pa­nies of all sizes are under attack

No ques­tion, this has made us more pro­duc­tive, by many mea­sures. But it also has opened end­less vec­tors of attack—wide-open door and win­dows through which those with crim­i­nal intent can intrude.

Chang­ing pass­words, updat­ing antivirus, being wary of attach­ments and links are absolute­ly nec­es­sary, going for­ward. But it isn’t enough. Much more needs to be done at the macro lev­el, by the pri­vate and pub­lic sec­tors, and by the indi­vid­ual, as well, by those at the top, and those at the grass­roots level.

As Tendler and I dis­cuss in this pod­cast, no sil­ver bul­let exists, but the good news is that big gains can result from the embrace of sim­ple prac­tices. Much can be gained by tighter man­age­ment of priv­i­leged user accounts, for instance. And behav­ior analy­sis technology—used suc­cess­ful­ly by the finan­cial ser­vices indus­try to mit­i­gate pay­ment card fraud—is being rapid­ly adapt­ed to detect­ing nefar­i­ous activ­i­ty by net­work intruders.

Give it a lis­ten and join the discourse.

More on cybersecurity:
When it comes to cyber­se­cu­ri­ty, gap between IT, board­room must be bridged
Third-par­ty ven­dors are the weak links in cybersecurity
Wors­en­ing IRS hack shows cyber­se­cu­ri­ty too low a priority
The fed­er­al gov­ern­ment needs a cyber­se­cu­ri­ty marathon, not a sprint

 


Posted in Cybersecurity, Featured Story, News & Analysis