Are you going to be the next cyber attack headline?
You see the headlines. They are scary. More and more companies are being hacked. According to Pew Research the trend will continue.
Their security is being breached. Their data and their customer’s data become compromised. They are vulnerable to all kinds of new threats and risks. And what about all the potential legal nightmares?
Take a look at the list of some of the organizations that were victims of cyber attacks in 2014:
- Neiman Marcus
- Yahoo! (mail)
- P.F. Changs
- U.S. Investigations Services
- Community Health Services
- Home Depot
- Google (communications)
- Apple iCloud (technology)
- Goodwill Industries International
- Super Valu
- J.P. Morgan Chase
- Dairy Queen
Avoid Being the Bad News
It’s just an awful situation. You never want one of these headlines to be about your company. Never.
So what are companies, especially IT departments, supposed to do to avoid getting hacked or experiencing some sort of damaging security breach? There is no easy answer. There is no one-size-fits-all solution. That is not how security works.
There are all kinds of quality security products and services available in the market. By all means, you should seek a reliable partner offering those products and take full advantage of them. However, security is not the kind of thing that is fixed or solved with a purchase of one of these products or services.
Security is more than a set of products and services. It’s more than a set of strategy and tactics. Security starts with a complete understanding of your organization and potential risks. Security is a state of mind. Security is visibility, access and use of solid data, vigilance, and old-fashioned common sense.
Furthermore, security is never done. Security is a continuous effort. It is fluid.
The minute you think you have it all figured out and protected from every potential threat that may be the time you open yourself up to the next threat. Then there are some notorious security concerns.
- The human layer
- Vendor management risks
You could put a group of IT executives in a room, and they could discuss just these three risks all day long.
So what is the answer?
The first step to effective IT security is the right mindset. You must make security a high priority and commit to highly effective security.
Without the right mindset and dedication to IT security, inevitably the proper level of investment in thought, time, effort, products, and services will fall short. Unless you get lucky, it’s only a matter of time until the lack of investment catches up with you.
If you had to boil it down, here is the simple lesson. Do your best to leave nothing to chance.