Counterintelligence Series #3: Data Security
Cybersecurity is one of the hottest topics being kicked around boardrooms. Attacks are becoming more frequent and intense. Organizations have witnessed a 42 percent increase in hacking, a 39 percent spike in malware and a 23 percent rise in financial theft over the past two years. Globally, cyber-crime is expected to reach $2.3 trillion by 2020.
Social engineering, spying and espionage, hacking and attacking for disruption, and attacks by nation states are all on the rise. Firewalls and malware protection are not enough to protect your data. If cyber-security isn't a top priority at your company, it is probably your greatest liability.
You can prioritize your protection without neglecting any one area. Below, you will find an 8 headed defense plan.
1) Governance. Establishing a framework for managing systems and people effectively is critical. This also translates into business rules, approved code and API libraries, and guidelines for controlling systems across business units, departments, and geographies.
2) Authentication methods. Strong authentication is no longer an option; it's a necessity. An enterprise must require solid passwords and, in many cases, use two-factor authentication or automated tokens. It may also require single sign-on and possibly biometrics, such as fingerprints. Facial recognition is a bad idea since it is so easily defeated.
3) Encryption. Sensitive data should be encrypted at rest and in motion. An organization must ensure that servers, cloud storage, laptops, and other mobile devices use encryption. E-mail, chat streams and other communication tools tap encryption for sensitive data or information, also.
4) Mobile Device Management (MDM). MDM is a wise choice for many enterprises. It puts essential controls and oversights on smartphones, tablets, and other mobile devices. It also allows an organization to wipe lost or missing devices, control which applications are loaded onto devices, and commission and decommission devices as needed.
5) Backup, archiving, and storage. A true countermeasure, ensuring that all data is backed up and readily available can determine whether an organization swims or sinks after a breach. Without full backups, an organization may not be able to get systems back online in a timely manner. This may result in reduced sales and service. In the event of a ransomware attack, a lack of backups may end up requiring you to pay out a fee, which can reach tens of thousands or even hundreds of thousands of dollars. Your data can't be held hostage if you have duplicated it.
6) AI and analytics. The ability to analyze systems and use sophisticated artificial intelligence and deep learning methods to spot and address anomalies can make or break security efforts. These systems, while still emerging, are an increasingly important weapon in cybersecurity defense.
7) Tech components. It's important to have the right IT tools and solutions in place, both on-premises and in the cloud. The most advanced cloud infrastructures, sometimes part of clustered systems, offer advanced security technologies that are seamlessly integrated into databases and applications. This introduces uniformity rather than taking an ad hoc approach, and allows IT departments to focus on more strategic matters.
8) Employee education and training. By some industry estimates, nearly half of all breaches involve human error. Phishing, whaling and other attacks can be mostly prevented when employees know how to spot attacks. Education and training must also extend to the boardroom and across the C-suite. Proactive leadership can greatly reduce cyber-risk.