February 7, 2018 - Cyber security (or cybersecurity, whichever you prefer) is always in the news due to some kind of breach or another. There's no question that the next breach is probably right around the corner. And with the GDPR deadline fast approaching, organizations are more motivated to ramp up their cyber security. Everyone is focused on how to protect their systems and their data. This issue looks at some past issues and some new approaches to the problem.
On May 25, 2018, the European Union will begin enforcing the new General Data Protection Regulations (GDPR) that will create one data protection standard throughout the EU. These regulations were designed to create a unified standard for personal data privacy and to simplify the enforcement of data privacy laws throughout all EU countries. What some organizations are surprised to learn is that these regulations go beyond the physical confines of the EU and apply to any organization that collects or holds information on EU citizens.
Cyber Security represents the ability to defend against and recover from accidents like hard drive failures or power outages, and from attacks by adversaries. The latter includes everyone from script kiddies to hackers and criminal groups capable of executing advanced persistent threats (APTs), and they pose serious threats to the enterprise.
The first six months of 2017 saw an inordinate number of cybersecurity meltdowns. And they weren't just your standard corporate breaches. By July, there already had been viral, state-sponsored ransomware, leaks of spy tools from US intelligence agencies, and full-on campaign hacking. And that's just the beginning. Can we learn from these to help protect us in 2018?
While banking, finance and real estate are the so-called usual suspects by being ahead of the curve, even industries like education, social media and security are being disrupted by blockchain-powered startups. Blockchain technologies are, after all, the culmination of decades of research and breakthroughs in cryptography and security.
It's almost impossible these days to avoid media coverage of Russia's role in hacking the 2016 election. So it was in 2015, when news broke that Chinese hackers had breached the U.S. Office of Personnel Management. For the public, it's usually these kinds of incidents that come to mind when they hear the term "cybersecurity." They are complex and costly, and cast doubt on the trustworthiness of our major institutions---from government to banks to the electric grid. Yet multiple surveys show that Americans tend to ignore even the most basic security measures with their own digital devices.
Executives responsible for cybersecurity need to understand how a good cyber communications function works, and they need to make it a regular part of any conversation related to information security or risk management. While it may seem like this is the last thing a CSO should be thinking about, recent incidents prove that the stakes are way too high for communications planning and response to be delegated entirely to someone outside the security team.
Copyright (C) 2018 Attainium Corp - All rights reserved.