Page 61 - Cyber Defense eMagazine - November 2017
P. 61

9 WAYS CEOS CAN PROMOTE

               CYBERSECURITY





               by Jessica Anderson, Director of PR, PhoenixNap Global IT Services



               The increase in ransomware attacks has created security challenges for companies. CEO roles
               have  expanded  to  include  cybersecurity.  As  CEO  you  can  take  steps  to  minimize  these
               potential threats. Prepare your company and take precautions to avoid costly data breaches.
               Hacks can hurt the company financially, and the reputation and brand ruined.
               Here are nine steps that CEOs can take to promote cybersecurity.


               UNDERSTAND SECURITY PROTOCOLS IN PLACE WITH YOUR COMPANY

               Once you have a clear picture of what practices are in place, you can identify areas that  need
               improvement.  Work with other company leaders to develop a cybersecurity plan throughout the
               company. Keep your security protocols updated to stay on top of new security threats.


               Each employee needs to understand what rules are in place When a breach occurs; employees
               should know what to do. Communicate changes to the whole company, to lessen the chance of
               a security breach.

               CONDUCT REGULAR SECURITY ASSESSMENTS

               An  annual  security  assessment  can  be  a  powerful  tool  to  prevent  and  identify  a  breach.
               Regulations  like  HIPAA  Compliant  hosting  and  the  PCI  require  companies  to  perform  these
               evaluations. A security risk assessment (SRA) allows a company to identify key risk areas in the
               network from the view of a hacker.

               After the SRA, the CEO decides on where to allocate resources and security solutions. The size
               and complexity of the network determine whether specific areas need to be prioritized or if it can
               be more generalized

               A CEO and the board decide what level of risk is acceptable for the company. An SRA cannot
               eliminate all security risks. It identifies potential targets that hackers may target so that you can
               protect  those  areas.  Company  resources  are  finite,  but  the  assessment  can  assist  with  the
               prioritization.


               CREATE A WORKING RELATIONSHIP WITH THE CISO
               Establish a partnership with the company's Chief Information Security Officer (CISO).





                   61    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.
   56   57   58   59   60   61   62   63   64   65   66