The Lost Stages of Cybersecurity
Looking to bolster your cybersecurity stance? Read on to see what organizations can do to fight back against the bad guys.
When deploying cybersecurity systems, companies often copy ready-made solutions. However, what helps one company can hurt another.
As a rule, each company forms its own unique puzzle out of different IT systems, devices, types of data, the value of that information, and so on.
Executives of some companies think that security is just the installation of software protection tools. A firewall and intrusion detection software are often treated as a sufficient means of protecting information and fighting hackers. But if an employee enters a password on a phishing site by mistake, opens a booby-trapped email attachment, or intentionally discloses passwords to third parties, even the most advanced software will not solve the problem of cybersecurity.
Other companies spend enormous amounts of money on security where it is not required. Placing armed guards around the perimeter of the building sounds impressive, but if the main threat is unauthorized remote access to intellectual property or confidential information, such security is of little use.
Cybersecurity is a process, not a product. This process is built by identifying potential threats and applying adequate security measures against them. The process cannot be standardized. The steps below show how to start securing your company:
1. Identify and Systemize all Data
Before applying information security measures, it is first necessary to determine which assets we will spend our efforts on. Often, companies do not even know where their confidential information is stored. Start by answering the following questions:
- What information, networks, and processes are we going to protect?
- What information systems are involved, and where are they located?
- What legal requirements must be observed (ECPA, HIPAA, FCRA, etc.)?
2. Risk Assessment
The next step is to assess the potential risks that threaten information security. This includes:
- Identification of all possible internal and external threats.
- An assessment of the likelihood that each threat will materialize.
- An assessment of the potential damage (legal, physical, monetary, reputational, etc.) in the event of an incident.
- An evaluation of the policies and procedures to be followed in case of an incident.
Risks are assessed based on the nature of the business, the value of the stored information, the size of the company, and the number and volume of transactions. The purpose of the assessment at this stage is to determine the level of acceptable risk. Understanding this level makes it possible to estimate the financial investment needed to combat potential risks.
3. Create and Implement Your Security Program
Based on the results of the risk assessment, a security program should be created and implemented. The security program consists of physical, technical, and administrative security measures that establish control over the risks identified during the initial evaluation.
Remember, the security program is designed to reduce risks to an acceptable level.
Seven fatal errors that lead companies to cybersecurity failures:
- Using only software protection (antivirus, firewall).
- Using common templates for security policies.
- Not knowing where data is located.
- Not knowing the legal requirements on data handling and storage.
- Failing to assess the value of data.
- Lacking an understanding of the acceptable risk level.
- Being unable to calculate a reasonable level of spending needed to keep risk at an acceptable level.
Opinions expressed by DZone contributors are their own.