A holistic approach to combating cyber threats

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

We seem to hear about a major cybersecurity breach or a ransom-ware attack almost on a daily basis. And this isn’t going to change anytime soon and the main reason for that is the Internet was never meant to be used the way we are currently using it. 

This is where the Internet started – Room 3420 at the University of California, Los Angeles’s Boetler Hall. This was the home of UCLA’s Network Measurement Center and back in 1969 the Advanced Research Projects Agency Network (ARPANET) which developed the network that became the basis for the Internet. It existed as a channel for physicists to pass research back and forth. It was a small, closed community. However, this design was robust enough to be scaled up many orders of magnitude to the Internet of today without any fundamental changes to the design or security model. We now use the Internet for banking, business, education and national defense. We helplessly rely on the Internet for everything, yet it is riddled with holes and glitches. Also, many of the software and web applications that we use has bugs with exploitable security holes that the bad actors are taking advantage of. To make it worse, many in the leadership team at organizations worldwide are unaware of the cyber threats. Their usual mentality is –

” We haven’t had any breach yet, so we don’t need to ramp up investment in cybersecurity”

No, chances are you already have a bad actor lurking in your organization’s system, waiting to strike. The chance of every organization having a data breach is 100%. Here is what a former FBI Director said at a security conference regarding this:

The impact of a major cyber-attack to an organization’s brand, reputation, and business operations can be catastrophic. Weaknesses in information security can jeopardize your mission, threaten your profitability, and invite fines and penalties from regulatory bodies.

Answering the question, “Is an organization secure?” requires a comprehensive assessment of its operating environment and its specific business needs. Ultimately, implementing a cost-effective cybersecurity framework includes careful consideration of how you identify, protect, and recover critical assets, as well as detect and respond to security breaches. Unfortunately, what I have seen at different organizations is that majority of the efforts have been heavily skewed toward finding technological solutions. Yet, experts estimate that between 70-80% of the cost attributed to cyber-attacks is actually a result of human error. Things as simple as clicking on a malicious link, opening the wrong email attachment, using a public WiFi or using an insecure USB drive can be devastating to network security. The strongest security network in the world is only as good as the human with the password.

Cyber risk mitigation is a journey, not a destination. With each step in the process, the organization has an incrementally better cyber risk mitigation posture. As the cyber threat landscape changes – with new risks, new vulnerabilities, new businesses, the journey continues. I recommend a series of recursive steps for every organization to use by following a well known security framework to create a new cybersecurity program or improve it’s existing cybersecurity program. It’s critical that the Cybersecurity practice addresses any weaknesses in the organization’s functional structure (people and processes), before turning to technical products as potential solutions.

In the movie Matrix Reload, Neo was seen successfully stopping bullets by waving his hand. If you are in charge of cybersecurity or operations at your organization, you will have to stop all the cyber attacks coming at you. If you let one of them pass through, you may end up having a major data breach and maybe out of a job. I hope your organization starts taking the necessary actions to secure themselves and not be the next cyber breach news we read about in the media.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
19 Followers
About Zartech
We help organizations work towards a steady improvement in their cybersecurity efforts. Our unique solution help more effectively manage cyber risk by leveraging its intelligence in merging and mapping cybersecurity frameworks against organization's existing and future posture, providing automatic tracking of all identified gap remediation efforts, along with full control of security road-map development. Our team of senior level practitioners has worked at some of the largest companies and government organizations in the world. We have designed and run Cybersecurity programs affecting 75,000 employees & 500+ departments | Contact us today @ 1-214-631-9353! We look forward to working with you in building or enhancing your security program.
Promoted Content
Just 3 Steps To Start Your Journey to Becoming Cyber Secure
Cyberator is an all-in-one cybersecurity tool that simplifies the complexity of assessments, by leveraging its intelligence in merging and mapping cybersecurity frameworks against the existing and future posture of an organization. It provides automatic tracking of all gap remediation efforts, along with full control of roadmap development, based on simple answers to a sophisticated tool that queries their environment. So, with just 3 steps – completing the self-assessment, reviewing the comprehensive report with the security expert and by taking action, organizations can start their journey to become cyber secure in less than ½ a day.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel