You  need  to  be  cautious  considering  the  new  ways  that  hackers  can  steal  your  information.
               Limit your access to protect the company from a major break in security. Instead of accessing
               information directly, you can request reports from the relevant department. If the worse case
               scenario happens, the damage can be minimized.

               Having a CISO can help to identify possible breaches. How do you find the right CISO for your
               company? Here are some of the key traits you should look for in a CISO.

               You want a person that has a strong background in information security. They should be able to
               keep an open perspective as well. When needed, they should be able to consult with outside
               specialists to identify threats before they become an issue.


               COORDINATE AND COMMUNICATE WITH ALL EMPLOYEES
               Communication is a key part of promoting cybersecurity awareness.

               As the CEO, it is your job to bridge the gap between security offers and the board. Encourage
               your CISOs to use business language in their reports for easy understanding.

               Security training should occur on a regular basis. Most companies train on an annual basis but
               can benefit from more frequent training. Quarterly or biannual meetings can help to reinforce
               defensive  behaviors.  By  improving these  programs,  you  can  communicate  updates  with  your
               employees as they occur.

               Stress  the  importance  of  cybersecurity  awareness.  This  cannot  be  overstated.  Educated
               employees can make well-informed decisions that will lessen security risks. Employees that are
               more aware become less of a liability.


               Cybersecurity is an important part of every employee's job. As the CEO, you need to be a
               role model for the company. Display proper security behavior, and create an environment where
               security is constantly changing. Create a culture that promotes awareness so employees can
               find weak spots in security.

               UPDATE SECURITY PROTOCOLS AND SYSTEMS

               Ransomware targets many worldwide institutions and businesses in all sectors. Software used
               to steal information has become commonplace, and criminals for hire are not in short supply.
               Many  hacked  victims  have  one  thing  in  common.  A  part  of  their  network  is  out  of  date,  and
               hackers exploit this vulnerability to enter the company's network.

               An overextended IT department can have issues with keeping all of the devices on the network
               up to date. A security threat assessment can identify these devices that can be exploited by
               hackers. Once these threats are identified, you can create a schedule that ensures that devices
               are not being skipped over.

               Tools are available that can help to test your existing security. Anomaly detection tools can spot
               unusual  patterns  in  the  network  and  user  behavior.  Penetration  testing  can  also  identify
               weaknesses in the network.

                   63    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.