Cyber security is the most prominent risk facing company Boards of Directors and executives worldwide. We are inundated almost daily with accounts of major corporate data breaches and compromised networks. Recent high-profile attacks, such as the targeting of point-of-sale terminals at Target, Home Depot, and Staples, server software at JP Morgan, and employee databases at Sony, demonstrate how vulnerable even the largest and most sophisticated companies can be. In this highly challenging environment, board members and executives are, not surprisingly, unsure of how best to protect themselves.
Proactive Prevention with a Focus on Cyber Resilience: A “How-To” Guide
The first and most important step is to take measures to prevent intrusions from occurring in the first place. Just as a proper diet, exercise, hand-washing, and regular flu shots are important to minimizing your odds of developing the flu, maintaining standard systems hygiene is critical to protecting your organization from being infiltrated by hackers. In fact, the Center for Internet Security claims that up to 80% of cyber attacks can be prevented by:
- Maintaining an inventory of authorized and unauthorized devices
- Maintaining an inventory of authorized and unauthorized software
- Developing and managing secure configurations for all devices
- Conducting continuous (automated) vulnerability assessment and remediation
- Actively managing and controlling the use of administrative privileges [1]