The 4th annual Washington Post Cybersecurity Summit this week examined all sorts of vital questions and issues. A particular focus was on the role of government in protecting society. As you would expect, there were very different opinions on Edward Snowden who broke the story on NSA’s cyber spying.
There was much more agreement on what corporates can expect. The assumption of many of the experts attending the conference was that companies need to understand that the issue is not: ‘Are You Going to Get Hacked?’, because inevitably you will be, the issue is ‘How Will You Respond?’
There are two answers
1. Train employees in best practices
Companies need to train employees to avoid behaviors that put corporate data at risk. Recent research has shown that a key risk revolves around employees bringing their personal devices into work. These workers need to be made aware of the vulnerabilities in these particular devices and refrain from downloading company data.
A survey of 1,500 European workers released this week from UK cybersecurity firm Sophos revealed that a quarter of respondents continue to store corporate information on their personal laptops and mobile phones. In addition, 19 percent of these workers admitted to losing a personal or mobile device at one point.
As well as training employees, companies need to make sure that third-parties have secure procedures. In a recent survey of cybersecurity; incidents involving former service providers, consultants and contractors rose 15 percent and 17 percent, respectively.
Global information security budget problem
Another problem is that, PwC’s Global State of Information Security Survey 2015, revealed that global information security budgets actually decreased 4 percent over last year. Furthermore, security spending as a percentage of IT budget has remained stalled at 4 percent or less for the past five years.
2. Respond effectively to a breach
Companies need to respond to a cyber breach by:
- analysing and understanding the causes
- take steps to make sure that this type of breach will not occur again
- feed back the lessons from the incident your employees.
Like this item? Get our Weekly Update newsletter. Subscribe today