Companies can realize big cybersecurity gains by making small changes

Best practices include altering behavior, tighter management to fend off the bad guys

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Octo­ber is Cyber Secu­ri­ty Aware­ness Month, so des­ig­nat­ed by Pres­i­dent Oba­ma. It’s a good oppor­tu­ni­ty to advance the dis­cus­sion about how we must all work togeth­er to make the Inter­net safer.

In the accom­pa­ny­ing pod­cast, Idan Tendler and I out­line how we got to where we are today. That sets up dis­cus­sion about trends and pat­terns in motion that sug­gests the bad­ness fac­tor of the Inter­net can and will be mit­i­gat­ed over time.

Tendler, founder and CEO of Fortscale, is a ser­i­al entre­pre­neur steeped in the fields of net­work secu­ri­ty and threat intel­li­gence. Before found­ing Fortscale, Tendler was a lead agent of 8200—the cyber war­fare divi­sion of the Israeli Defense Forces.

As we dis­cuss in this pod­cast, soci­ety is deal­ing with secu­ri­ty and pri­va­cy chal­lenges that were unimag­in­able just 10 years ago. This is so because, on a dai­ly basis, we all use search, email and file shar­ing. Many of us live and die by our pro­duc­tiv­i­ty suites, CRM and cloud storage.

More: Com­pa­nies of all sizes are under attack

No ques­tion, this has made us more pro­duc­tive, by many mea­sures. But it also has opened end­less vec­tors of attack—wide-open door and win­dows through which those with crim­i­nal intent can intrude.

Chang­ing pass­words, updat­ing antivirus, being wary of attach­ments and links are absolute­ly nec­es­sary, going for­ward. But it isn’t enough. Much more needs to be done at the macro lev­el, by the pri­vate and pub­lic sec­tors, and by the indi­vid­ual, as well, by those at the top, and those at the grass­roots level.

As Tendler and I dis­cuss in this pod­cast, no sil­ver bul­let exists, but the good news is that big gains can result from the embrace of sim­ple prac­tices. Much can be gained by tighter man­age­ment of priv­i­leged user accounts, for instance. And behav­ior analy­sis technology—used suc­cess­ful­ly by the finan­cial ser­vices indus­try to mit­i­gate pay­ment card fraud—is being rapid­ly adapt­ed to detect­ing nefar­i­ous activ­i­ty by net­work intruders.

Give it a lis­ten and join the discourse.

More on cybersecurity:
When it comes to cyber­se­cu­ri­ty, gap between IT, board­room must be bridged
Third-par­ty ven­dors are the weak links in cybersecurity
Wors­en­ing IRS hack shows cyber­se­cu­ri­ty too low a priority
The fed­er­al gov­ern­ment needs a cyber­se­cu­ri­ty marathon, not a sprint

 


Posted in Cybersecurity, Featured Story, News & Analysis