GDT Webinar Series – How to Fail at Security? Reserve Your Spot

Death and Taxes—and you can add this to the mix    

IT Budgets

The phrase is attributed to Benjamin Franklin, who coined it after the U.S. Constitution was signed in 1787—“In this world nothing can be said to be certain, except death and taxes.” Two hundred thirty-two (232) years later, Ben’s somewhat cynical quote can be amended to include “…and falling victim to a cyberattack.”

Today, the attack surface is so broad and the evildoers too plentiful to totally escape from becoming a target. Security is a multi-pronged approach that needs regular testing, consistent monitoring and ongoing employee education. If changing passwords or patching solves ninety-five percent (95%) of your security exposure(s), that’s great. That’s a high percentage. But it’s that five percent (5%) that’ll kill you.

Patch and Policy Management

The WannCry ransomware attack of 2017 infected a quarter million computers worldwide and racked up an estimated $8 billion in damages. But two (2) months prior to the WannaCry assault, Microsoft released a patch that would have protected victims against it. Obviously, many organizations didn’t apply it. So, it’s pretty simple. Patch systems, servers, firewalls, et al. Patches aren’t issued for kicks and grins. Here’s a good start: get vulnerability reports automatically pushed to you by clicking here.

Educate employees

You’ve heard it time and again because it’s true—employees are the weakest link in your organization’s security chain. A solid security posture isn’t dependent solely on one (1) department. It’s everybody’s issue and responsibility.

And senior executives must get behind this training initiative. But it’s not just about the basics, like telling employees not to open emails and/or links from unknown senders. For the training to accomplish its goals, leaders within the IT organization need to better educate themselves on threats, both past and current, and ensure the curriculum comprehensively covers the many ways in which organizations are breached, including how they can be prevented.

Automation for regulatory requirements

The regulatory climate is highly complex, especially for certain industries, such as the financial sector and healthcare. Trying to manually manage compliance can open organizations up to penalties from which they may never recover. The answer can often lie in automation and utilizing it to address elements that exist in multiple regulations. For instance, different elements have begun to converge, such as cybersecurity and fraud prevention. If each is included in separate regulatory requirements, they may be able to both be addressed through automation, which will provide accuracy and speed to these processes.

Suppliers

Data security isn’t just an internal issue. Consider supply chain management. It digitally intertwines organizations. If you’re entrusting customer data to a 3rd party, keep in mind that your security is only as good as theirs.

Test your security posture, then test it some more

When should you test your security plan? Early and often. Understand how it does and doesn’t work, where are improvements needed, and how your staff responded. Then, good or bad, share the information with senior leadership. Relaying the lessons learned can help run interference when you’re making the case for a larger security budget.

Backups

This is what can’t fail—period. And it must be regularly tested—no exceptions. It’s estimated that almost a third of companies don’t back up their critical data. Yikes. And, according to a year-old Boston Computing study, over fifty percent (50%) of companies that experience a significant data loss are forced to shut their doors within six (6) months. You must ensure your backup and (DR) disaster recovery plans are tried, tested and air tight.

Security Experts extraordinaire

To find out how to secure your organization’s network and protect its mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, cyberattacks and how to stay steps ahead of the bad guys, read more about it here:

If you doubled down on Russia, your bet’s safe

What happens in an ATM, doesn’t always stay in an ATM

Google launches itself into cybersecurity space

Getting Stuffed at Dunkin’ Donuts?

Security Myths Debunked

State of the Union address focuses on technology–briefly

The technology arms race was just amped up

Apparently, cyber attackers also consider imitation to be the sincerest form of flattery

Last week’s DHS “alert” upgraded to “an emergency directive”

The Collection #1 data breach—sit down first; the numbers are pretty scary

Shutdown affects more than workers

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

]]>

Author

Share this article

You might also like:

NCAA basketball coaching legend Bobby Knight once said: “Good basketball always starts with a good defense.” Winning teams understand their opponents’ strengths and weaknesses, as well as their own. They study their opponents’ plays and anticipate their next moves. The same concept is true for cybersecurity, which is why, at

GDT is committed to supporting #WomenInTech. In this interview, Sr. Bid Manager Peggy Debrowski shares insights into her journey, challenges, and triumphs as a woman in the technology industry. From her role evolution to her passion for empowering women, Peggy’s narrative inspires and encourages aspiring professionals. Sydney: How long have

Welcome to our February edition of our GDT Employee Spotlight. Our Culture & Engagement Manager, Sydney Johnson, interviewed Anirudh Raghavan, Associate Solutions Architect, with our Professional Services team this month. SYDNEY: Hi, Anirudh! Thank you for taking the time to answer my questions for our February Employee Spotlight. You have