Cloud computing technology providers are rapidly improving the effectiveness and efficiency of network security, and what we are seeing is just the beginning. If your business is not already taking advantage of cloud-based security solutions, chances are high you will benefit from this emerging market soon.
Companies have encouraged their workforces to be effective regardless of their location or the time of day, making wireless Internet connectivity the latest lifeblood of workforce productivity. These gains have been accomplished primarily by embracing Wi-Fi, which is not without added risk. Cyber spies and criminals have successfully targeted wireless networks for years, which in turn, requires increased vigilance both when deploying Wi-Fi networks and when training our employees to safely use Wi-Fi.
When the Department of Homeland Security purposefully dropped data disks and USB flash drives in the parking lots of federal agencies and government contractors, 60 percent of the found objects were inserted into an agency or contractor network.
Removing the power from a computer not only results in lost volatile memory, much of which can be critical to a forensic investigation (and should be imaged), but also may lead the intruder to establish other points of entry.
The Federal Communications Commission developed “Small Biz Cyber Planner 2.0” by teaming with members of the public and private sector, including the Department of Homeland Security, the National Cyber Security Alliance and the Chamber of Commerce.
In early May, the FTC’s Chief Administrative Law Judge held that in an enforcement action the FTC must disclose “what data security standards, if any” it has published and intends to rely upon to demonstrate that a company’s data security practices are not reasonable and appropriate.
Would there be a greater return on investment if our information sharing focused less on enabling private sector victims to better duck and cover, and focused more on enabling the government to get the bad guys?
May 1, 2014
Regardless of how vigorously the industry applies risk management principles and how diligently the government shares information, there is no chance the private sector can consistently withstand intrusion attempts from foreign military units and intelligence services or even, for that matter, from transnational organized crime.
Cybersecurity is the unsung linchpin of every company that has grown increasingly dependent upon vulnerable technologies, whether to communicate, to store sensitive data, or to manufacture and deliver its products and services.
Not all employees are saboteurs or malicious actors, but without education, unwitting employees could cause just as much damage as a targeted data theft in the long run. Read how to prevent this in the August 2015 issue of Security. Also read how building stronger relationships with local and national law enforcement can aid in school security awareness and response, learn about the dangers of continuing to use old credit card terminals, and see the ASIS International 2015 product review.