Moving Toward More Proactive Cybersecurity

Moving Toward More Proactive Cybersecurity

As the cyberlandscape continues to evolve, so do the methods of attack used by cybercriminals. And it isn’t just outsiders you have to worry about; insiders can be responsible for data breaches too. Given all the moving pieces, it’s no wonder the state of cybersecurity has become so serious. 10 Steps to Proactive Security offers recommendations for approaches to help keep your users safe and your stakeholders happy. Get a peek at the first three below:

  1. Shift the conversation to risk

Conversation around cybersecurity is often framed as a binary; you’re either secure or you’re not. News flash: there is no all or nothing in cybersecurity. We need to frame the discussion in terms of risk, and the levels of risk your business faces.

First things first: identify the risk. How damaging could a data breach be to your company’s bottom line or reputation? And this isn’t just a concern for big businesses; small businesses are targets for cybercriminals too. Where there is data, there is risk.

  1. Understand the environment and define the crown jewels

Once you’ve identified risk, you can define the most important things (and people) to protect; these are the “crown jewels,” if you will. This encompasses applications, systems, data, process, and access points—as well as employees. If hackers compromise your chief financial officer’s laptop, for instance, that could be devastating.

Heighten security around these items and regularly review security policies for them. You can’t secure everything, but you can help ensure that those items with the highest risk are thoroughly protected.

  1. Implement good cyberhygiene

Next, focus on the fundamentals; make sure your cyberhygiene is up to par. This is where you need to do things right—using the right technology, the right processes, and the right effort to improve security and reduce the risks you’ve identified.

It’s often the simplest types of cybersecurity attacks that succeed, like a phishing attack or a malicious email download, so it’s important to remain vigilant with protections such as a strong antivirus, persistent patches, and frequent user access and permissions audits.

Want more moves for staying ahead of hackers? Get the rest in 10 Steps to Proactive Security.

Tim Brown is at the front line of the most vexing challenge facing organizations today: IT security. Tim is currently the VP of security for SolarWinds with responsibility spanning internal IT security, product security, and security strategy. As a former Dell Fellow, CTO, chief product officer, chief architect, distinguished engineer, and director of security strategy, Tim deeply understands the challenges and aspirations of the person responsible for driving digital innovation and change. Tim has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Nationally, his trusted advisor status has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. He has been on the board of the Open Identity Exchange and a member of the Trans Global Secure Collaboration Program, driving advancements in identity frameworks and working with the U.S. government on security initiatives. He is a member of the advisory board for Clemson University and holds 18 issued patents on security-related topics. Tim has presented on security before a wide number of audiences at a range of events including but not limited to: RSA, Annual Symposium on Information Assurance, Cloud Security Alliance, DISA Conference, DSG Security, Dell World, Dreamforce, ISACA, Intech Forums, Lloyds of London, IoTSSA, National Association of State Technology Directors, The Open Group, and before the U.S. Congress and the White House.