
Cyber attacks are imminent. According to a ThreatPost article, “Most organizations have experienced some type of attack within the course of a year, with only 7 percent of respondents claiming not to have experienced an attack at all.” An organization must change its rationale from “what will we do if we get attacked” to “what will we do when we get attacked.” Having a solid plan will decrease the time it takes to fend off the attack and save the company thousands of dollars.

Every company, regardless of size, should have a CISO on its payroll. A Chief Information Security Officer is vital to protecting an organization’s private network and sensitive information. A CISO will be able to pinpoint the weak spots in a company’s network that make it easier for a potential threat to infiltrate. They are also well versed in the different software available to curb attacks.

Once a CISO is onboarded, he or she must develop a strategy not only to keep information secure but also to respond when the company gets breached. He or she must outline what a potential breach may look like and what is needed to ensure it does the least damage possible. While each strategy is unique to the company, it must include a scenario for different types of attacks. While phishing is one of the most common cyber attacks, companies also have to deal with malware, ransomware, and hacking. Some are more common than others, but a company needs to prepare itself for any one of the various threats.

Once a strategy is implemented, a company must always play defense, keeping up to date on the different types of threats and on the software that can help alleviate risk. Each year threats become more sophisticated at going undetected, and a company must keep up. One of the ways that a business can play defense is to continuously train its employees on what potential threats look like. A company needs to challenge its employees to think like CISOs. A CEO or CISO may know the significance of a strong password or why someone should never click on an unknown email link, but do all of their employees? Insider threat has steadily increased throughout the years, due mainly to neglectful users who don’t realize their acts are jeopardizing their company’s sensitive information. There is also the risk of third parties; therefore any vendors must be vetted to ensure that they do not add unnecessary risk. Training employees to spot negligent behavior will better help a business ward off threats. A CISO is only one person and can do very little to fight an attack without the help of their organization.

Statistically speaking, a company will be the victim of a cyber crime at some point, but it’s up to the organization to minimize the fallout. While there is no fool-proof plan, hiring a CISO, developing strategies to deal with a threat, and training employees are just three ways that an organization can be prepared to deal with a potential threat.

Danielle Loughnane

Danielle Loughnane earned her B.F.A. in Creative Writing from Emerson College and has been working in the data science field since 2015. She is the author of a comic book entitled “The Superhighs” and wrote a blog from 2011-2015 about working in the restaurant industry called “Sir I Think You've Had Too Much.” In her spare time she likes reading graphic novels and snuggling with her dogs.
