Data security isn’t just a software issue. It’s far more physical than you think. While the discussions around cybersecurity awareness are primarily centered around workforce awareness, firewalls, passwords and mysterious black boxes, it’s important to note that a staggering amount of security breaches don’t involve logins, passwords or code at all. They involve people, hardware and a deafening lack of preparedness. In the age of all things cyber, are we dropping the ball when it comes to the physical threat?
With 11,000 IT and cybersecurity jobs currently unfilled in the state of Florida and state government agencies facing a very competitive talent market, the University of West Florida Center for Cybersecurity and the Florida Agency for State Technology (AST) have tackled the issue aggressively on their own and teamed up to build a pipeline of talented, trained cyber professionals who can support the state’s cyber resiliency and data security.
Our businesses are inundated with incidents of ransomware, malware, adware and many other intrusion variants, it’s no wonder that 90 percent of healthcare institutions have been affected, at a total cost of $6 billion a year, according to a recent study from the Ponemon Institute. As we make our way through these threats, one needs to ask; if so many companies offer solutions, and institutions hire top shelf network security engineers, why are there so many breaches?
Your main users are not Spartan warriors. They are not professional security geeks. They don’t think like hackers. Elevated security measures do not come naturally to most people. They all have real jobs to do which are NOT focused on information and cybersecurity.
Ninety-four percent of large businesses in the U.S. have a cybersecurity policy, according to the 2017 Cybersecurity Survey by Clutch, and most of them have had a policy for more than three years. U.S. enterprises are more likely to have a cybersecurity policy than most global organizations (two-thirds of which lack a formal cybersecurity policy), and policies most commonly include required security software, backups, scam detection and security incident reporting protocols.
If you thought phishing emails were going away anytime soon, think again. According to Symantec’s July Intelligence report, “one in every 1,968 emails” during the 31-day month was a malicious phishing message – the highest rate in the past 12 months.
There’s a shift taking place in the boardroom: With the recent high-profile cyberattacks like WannaCry and NotPetya, cybersecurity has been placed in the spotlight, making it a much more prominent topic than it was five years ago.
Our August issue cover story features Steve Baker, CSO at State Street Corporation. Also in August, how did a Guidewell Security team member save a life? And learn how digital technology and IoT devices can combat both physical and cyberattacks.