When It Comes To Cybersecurity, Don’t Forget The Basics

March 7, 2018 by Michael Bruemmer

From malware and phishing to expansive distributed denial-of-service attacks, the sophistication, scale, and impact of cyberattacks have evolved significantly in recent years. With data breach as the new normal, organizations must adopt stronger, more advanced technical solutions to protect sensitive data. While enhanced technology is necessary for defending against data breaches, it cannot work independently of precautionary, often-overlooked measures like risk assessment, threat information sharing, or employee awareness and education.

Even with the most cutting-edge defense systems in place, companies can’t underestimate the importance of employing fundamental security practices to mitigate cyber threats. In a climate where the risk of a data breach continues to grow, preparation is critical.

The Fifth Annual Study: Is Your Company Ready for a Big Data Breach?,” sponsored by Experian Data Breach Resolution and conducted by the Ponemon Institute, examines how organizations stack up in data breach preparedness. Organizations can help mitigate risk by employing the below best practices:

Manage third-party risks: A cyberattack on partners or vendors can have dire consequences for an organization, regardless of how exhaustive its own security measures may be. The risk resulting from a third-party’s lax security measures is too great to ignore. However, only 48 percent of organizations conduct assessments on third-party cybersecurity tactics.

Regularly review response plans: The threat and severity of data breaches are continually changing. Keeping a pulse on vulnerabilities is vital for any company. However, 40 percent of respondents say they don’t have scheduled times to review and update their data breach response plan. A staggering 26 percent report not reviewing or updating their organization’s plan after implementation.

Opt-in to software updates: Outdated software exposes areas susceptible to infiltration, increasing a company’s risk of attack. Despite such risk, only 26 percent of respondents say employees are required to update software systems regularly. Organizations should require that all employees have the most up-to-date software available.

Educate, educate, educate: Data breaches caused by employee negligence are a concern of 80 percent of respondents. Because of their access to a company’s computers, systems, and networks, employees must be actively involved in an organization’s data breach defense. Organizations should conduct regular training and awareness programs on the consequences of mishandling sensitive confidential information.

Data breach preparedness is a multifaceted effort that requires cross-company support and involvement. Organizations can’t rely solely on technological solutions to thwart cyber threats. Having a solid response team in place and a well-defined process are fundamental elements of a data breach response plan that, though seemingly basic, should never be overlooked.

For more, download Experian’s Fifth Annual Data Breach Preparedness Study here.