Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 27 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

CISOs: Five Ways to Ramp Up Your Security Strategy

by The Gurus
October 10, 2016
in This Week's Gurus
Share on FacebookShare on Twitter

Every day, and usually without organisations realising it, their networks are being breached. With confidential information exposed to the wrong eyes, secrets can become commodities capable of ruining well held reputations. We live in a world where network incidents are so common that no one can deny their existence. As attacks proliferate, problems mount. With the attack surface continually growing, more devices being plugged into networks, and growing volumes of data, the challenges for corporate leaders are more complex than ever. Fortunately, most enterprises are taking steps to increase their defence, but the security strategy does not become effective by merely adding another layer of software to the stack. We need to rethink the entire approach.
As most security professionals will attest, the task of setting up, maintaining and altering an integrated enterprise security system – often containing multiple vendor solutions – is not simple. What is important is knowing what type of solution to implement and why. The first step to combatting this challenge is to examine a number of common variables at work that point towards why cyber security problems continue to grow despite the availability of innovative solutions in the market.

Expanding networks. Agile hackers. Let’s look at the variables.

  • Networks continue to grow with each user connecting multiple devices into the system.
  • Attackers are more agile than most organisations and can afford a ‘low and slow’ approach before pulling the trigger.
  • The explosion of social networking and the subsequent high volume of data & users it has created, helps hackers get easier access into corporate networks.
  • The widespread reach of black markets and rampant utilisation of automated systems has created a marketplace primed for maleficence.

Understand. Articulate. Act.

Where is a cyber security professional to begin when the stakes are set against the corporation? The key is better preparation. Below are five steps that will provide an approach to help build a strategy that offers the potential to outsmart the attacker.

  1. Stop guessing. Assume your enterprise has already been breached. This is where detection technology is critical. Implementing a signature-based system is helpful but it is not sufficient. What is needed is a system that detects behaviour anomalies by correlating seemingly disparate events. Think of a security guard on patrol, noticing potentially unrelated incidents that he can then tie together. He sees a security light has gone dark; this is not necessarily cause for alarm, but it could be if there is broken glass where the bulb was broken. Thus, it is the pinning together of isolated events that could shine light on abnormal behaviour that leads to the discovery of a malicious intruder.
  1. Assess the most critical assets and potential compromises within your network.

For example, are your end users reliant on mobile devices? Are your employees constantly working remotely or on-the-go? The 2015 Cyber Threat Defense Report shows that 59% of respondents experienced an increase in mobile threats over the past year. If you have a mobile-heavy workforce, make sure you’re monitoring all apps and mobile traffic. Also, know the storage location of the most critical assets of your organisation, such as corporate IP, client info, project plans, etc., and have consistent management of access permission settings.

  1. Understand your risks and core infrastructure. You must be aware of the most vulnerable risks posed to your organisation in the event of a breach. What assets pose the greatest danger to your stability if they fall into the wrong hands? What is the level of security as defined by your existing cyber security stack? How much of your resources have been deployed to your perimeter versus the network core?
  1. Articulate. Learn the way in which your organisation’s Board of Directors communicates and receives information best. They typically do not have time to review hundreds of metrics; therefore, you must be able to organise your findings in a succinct, action-oriented manner that makes it easier for the board to make decisions that help your organisation. They certainly have the means to move resources. Make them your advocates.
  1. Act. Once a plan is in place, execution is vital. Make sure you put the necessary time and effort into building a resilient and secure system prepared to fight off invaders both inside and outside the firewall. In the end, it will save your organisation valuable time and money while protecting your reputation.

Securing your network from the inside out via detection is crucial. Since we know that more than 90% of networks already have intruders present, we must take steps to detect their presence, identify how they got in, and make a plan to protect the network from future intrusion.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Threat actors master ‘False Flags’ tactics to deceive victims and security teams

Next Post

Isolated data key to combating ransomware attacks

Recent News

Synopsys discover new vulnerability in Pluck Content Management System

Synopsys discover new vulnerability in Pluck Content Management System

March 24, 2023
Dole Food Company

Dole confirms employee data was breached following February ransomware attack

March 24, 2023
call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information