Page 10 - Cyber Defense eMagazine - February 2018
P. 10
Planned downtime and uptime can occur at the same time, without going offline, but this
type of continuity requires capital investment in technology.
PREPARATION EQUALS PREVENTION
If the steps of documentation, patching, and redundancy seem obvious and simple,
that's because they are and should be the fabric of IT. Nevertheless, I'm continually
dumbfounded by the number of organizations that bypass documentation, ignore
patching, and don't upgrade — especially when there is software available to automate
patching and reporting, and minimize service interruptions.
Given that breaches became almost commonplace in 2017, I expect the need for robust
security tools to rise exponentially in 2018. Consider leveraging a comprehensive
monitoring toolset that can outline a baseline of performance across systems, networks,
and especially databases, which are particularly vulnerable to attacks.
Oddly enough, the rise in breaches is compounding the indifference around information
security. Instead of raising the volume on better security practices, the regularity of
incidents is turning them into noise. For everyday people, there's a level of acceptance
®
now, and the Band-Aid of replacing credit cards, for example, is more of an
inconvenience than a threat.
Now, we're also seeing similar resignation bleeding into enterprises, as potential losses
are accounted for in the annualized loss expectancy. The cost of a breach, however, far
outweighs that standard number.
Plus, we are now entering a realm where those subjected to breaches will be
considered criminals as well: the recently introduced Data Security and Breach
Notification Act could require companies to report data breaches within 30 days.
Anyone knowingly concealing an incident could be fined or go to prison.
The good news is, breaches at a large scale are preventable, but it takes collaboration.
IT must ensure the foundation is strong and current, but that can only be achieved with
executive support. The bottom line is: if you value your customers and your business,
then you will value security.
10 Cyber Defense eMagazine – February 2018 Edition
Copyright © 2018, Cyber Defense Magazine, All rights reserved worldwide.