Earlier this month, credit reporting company Equifax disclosed that hackers had accessed the names and social security numbers of approximately 143 million of its US customers.
No one wants to be the next Equifax and it’s a safe bet that at this very moment big and small businesses across the country are scrambling to bolster their cyber fortifications.
It’s not an easy feat. But Steve Martino, chief information security officer at Cisco, has developed some clever techniques through years of fighting the bad guys.
Cisco employees are constantly kept on their toes as Martino probes them for weak spots and drills a defensive mindset into them.
Martino sat down with Business Insider to share some of his key tactics for creating an organization that won’t become the victim of the next big cyber attack. Here’s what he recommends:
Kill your click-throughs
In online business, big click-through rates are great: it means customers are clicking on links and web pages to buy stuff.
Inside a company though, high click-through rates can be deadly as a daily barrage of phishing emails and other nefarious tricks try to entice susceptible employees into clicking a dangerous link.
Martino sends out fake phishing emails to Cisco’s entire staff every quarter. Anyone who clicks on the phishing link is brought to an employee training video to teach them how to avoid engaging with suspicious emails in the future. The method works because it helps every employee understand their role in protecting their company against attacks.
“We’ve been able to reduce our click through rates by over 60% by giving them that training,” Martino says.
Protect your treasure
It’s extremely difficult to protect against every possible method of intrusion, so it’s best to focus on protecting the most important data. Figure out which customer and company data is most sensitive, as well as which portals of entry are most vulnerable, Martino advises.
“If you don’t know what your key things are, you’re trying to protect everything and you probably protect nothing,” he says.
Seek and destroy
Expect that attackers will get through some of the time and actively seek out the intruders.
“You have to recognize that in today’s interconnected world, no matter how much you deploy, mistakes will happen,” Martino says. From employees that click on phishing emails, to programmers that build buggy software, human mistake is often at the heart of security.
“Hackers are dedicated, and well funded adversaries, and they’re going to find errors in software,” says Martino.
Because of this, it’s vital that security teams actively look for existing breaches.
One way to do this is to look for cybersecurity software which can work together, so that when something goes wrong at one point in the security process, protections are in place to prevent it from going any further.
Practice “fire drills”
Every student and office worker knows how to get out of the building fast if there’s an emergency. The same should be true for responding to cyber threats.
Martino recommends that management teams set up a cybersecurity playbook with defined steps that the team needs to take should their worst nightmares come to fruition.
Once the playbook is established, and roles are doled out to the staff, companies should run drills for security breaches the way that schools run drills for fires: The more a company practices, the better prepared staffers are when something does go wrong.
Spread the word
Davis Turner / Stringer
While a playbook is vital for the cybersecurity team, it should also include a prepared responses from other departments — especially the communications team.
Most states have security breach notification laws that require companies to disclose when consumers have been impacted by a hack. Companies also need plans for how to notify their board of directors, and other major stakeholders at the company. And don’t forget to prep an apology statement to send to the press.
“If you don’t have a disaster response playbook, you’re going to try to make it up on the fly and make a lot of mistakes,” Martino says.
We hope you enjoyed reading the above post. How about helping us share the information to your fans and friends on social media? Meanwhile, you can rely on us daily for the latest and relevant free forex trading signals, free forex trading market news, free forex trading technical levels, weekly Pool draws, latest news from Nigeria and the world, educational articles and quality academic information, insurance news and scientific knowledge.
Do you need a classical ORGANIST or an excellent music teacher? CALL Fabian on 08033983034 or email him at firstname.lastname@example.org
Follow us on twitter @newsbeatportal
Engage #SantexTech today to build & install inverters, training on inverters & other electronic designs, projects/kits. Call 08039574535
Click to join Talk Nigeria Today, a group where hot, controversial, and breathtaking issues are brainstormed upon.