This article will appear in the January issue of the Grand Valley Construction Association Journal.
2017 was a year to forget in the field of cybersecurity.
- In May, the WannaCry ransomware attack infected over 200,000 computers in over 150 countries.
- In June, Petya malware spread across the Ukraine, disabling ATMs and shutting down the monitoring system at the Chernobyl nuclear power plant.
- In September, over 140 million Equifax customers learned that their credit card numbers, social security numbers, and home addresses had been leaked.
- Even Deloitte, a company that consults with organizations to prevent cyber-attacks, had its client and employee data breached by failing to deploy a simple two-factor authentication procedure.
A cyber-attack can severely damage your business’ reputation. Over 45% of Canadians would stop making online purchases from a vendor that suffered a data breach. Compare that to the 76% of Canadian executives who expect the number of data breaches to increase in 2018, but do not expect their organizations to invest in IT security.
Traditional thinking has been to invest in the basics like firewalls, anti-virus software, and if these fail, deal with the repercussions as best you can. The problem with this approach is that it applies a technical solution to a knowledge-based problem; hackers use known exploits and social engineering tactics, not superior hardware, to gain access to data.
Fortunately, 2018 promises several IT security advances will allow your company to identify and mitigate potential breaches before they affect your bottom line.
1. Customized Solutions: Increased demand for IT security has brought many new vendors into the market, expanding the range of solutions available to enterprise customers. This means a more tailored approach to security with experts who understand your infrastructure’s size and complexity.
2. Cloud Security: With more organizations moving their IT infrastructure to the cloud, it has become an increasingly attractive target for hackers. As such, cloud services providers like Microsoft Office 365 have embedded security in every stage of their services, from software development to license procurement, your programs are continuously updated to eliminate potential exploits.
3. Insights from Big Data: As your organizations adds pieces to solve the IT security puzzle, the vast amount of data generated by each system can cause analysis paralysis. Cybersecurity experts have identified this problem and are using advanced tools like User and Entity Behaviour Analytics to better understand weak points in IT infrastructures, strategically patch holes, and alert administrators to irregular activity.
These advances in customizability, software updates, and data analysis will enable real-time assessment and informed decision making for your company. Of course, developing and implementing an IT security strategy is easier said than done, which is the reason many organizations are looking to cybersecurity consultants to bridge the knowledge gap. A trusted cybersecurity consultant can assist in several ways:
• Perform an infrastructure review, gap analysis, and provide recommendations.
• Test current systems to determine potential problems or security threats.
• Conduct cloud security reviews and network security assessments.
• Prepare reports for senior management and regulatory bodies.
• Provide guidance on the selection of a cybersecurity insurance policy.
• Formulate an incident response and notification strategy.
• Keep you up to date, and prepared to overcome, the latest cybersecurity threats.
Read another blog post here.
Connect with Pund-IT at 519-342-4004 to discuss your company’s cybersecurity strategy.