Page 32 - Cyber Defense eMagazine - November 2017
P. 32

One of the biggest cyber hacks to date in US history has apparently even been attributed to
               human error. In the recent Equifax breach which compromised the private data of more than
               145 million people, the company’s CEO alarmingly blamed a missed security patch by a single
               IT employee in opening the door for a hacker to target a vulnerability in Equifax’s system. In his
               widely publicized testimony to the House Energy and Commerce Committee, the CEO noted,
               “The  human  error  was  that  the  individual  who’s  responsible  for  communicating  in  the
               organization to apply the patch, did not.” In light of this very unfortunate reveal, a Congressman
               ruefully noted: “How does this happen when so much is at stake?”

               What Can Companies Do for Security Best Practices?

               Failing  to  address  the  human  component  of  security  protection  can  negate  many  of  the
               cybersecurity programs which organizations are investing in. And each year, as companies try
               to keep up with and deploy the latest security technologies, attackers in turn develop and launch
               new  tactics  to  circumvent  those  technologies.  As  the  world  increasingly  becomes  more
               digitalized, the threat of cyber attacks on organizations large and small grows exponentially.

               So what are companies to do when 1) their security programs are not adequate or 2) their staffs
               are not adequately overseeing security programs or 3) both?

               Once companies realize that in the era of cyber attacks, their chances of being compromised on
               security  are  most  likely  to  happen  than  not,  they  need  to  incorporate  and  shore  up  their
               detection and response levels. But for many companies, self-managing their security systems is
               not realistic, given the level of sophistication of today’s hackers, as well as organizations’ scarce
               internal resources.

               In a trend that is changing the cybersecurity industry, companies are increasingly looking for
               security programs which enable them to focus on their core business and not get caught up in
               managing security. As the global management consulting company McKinsey stated in a report
               from  a  few  years  ago:  “Eliminating  threats  is  impossible,  so  protecting  against  them  without
               disrupting business innovation and growth is a top management issue.”

               Organizations  that  feel  overwhelmed  in  running  their  core  business  and  do  not  have  the
               resources  to  self-manage  their  own  security  programs  would  be  well  served  to  contact  a
               solutions provider who can identify and recommend the best security programs that best fits the
               organization’s  needs.  The  benefits  of  signing  on  with  a  security  solutions  provider  are
               numerous, including:

                   •  Faster  deployment  and  improved  data  security.  An  experienced  solutions  provider
                       will be in better position to faster deploy security protocol and programs to protect data
                       and sensitive information.

                   32    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.
   27   28   29   30   31   32   33   34   35   36   37