Robust cybersecurity requires constant education, vigilance

An excessive number of cybersecurity breaches occurred in the first six months of 2017 alone. The recently announced Equifax breach, estimated to impact 143 million U.S. customers, is just one of the latest. Every business that collects and stores sensitive data is at risk because any vulnerability in the security of this data can result in devastating consequences for your business and your customers.

Companies that are breached are required to alert potential fraud victims, which can be expensive and cause irreparable damage to your brand and business. The National Cyber Security Alliance found that 60 percent of small companies go out of business after suffering a cyberattack.

In light of this, it’s understandable that local businesses are concerned. They know it’s not enough to have a cybersecurity plan in place because the risks are constantly evolving. So to be effective, this plan must be updated in keeping with the latest threats and solutions. In response to customer demand and to help educate our business customers, the topic is scheduled to be addressed today when Hawaiian Telcom hosts its third annual Technology Forum at the Plaza Club.

In addition to local experts from Hawaiian Telcom and SystemMetrics, Tech Forum attendees will meet cybersecurity experts from industry leaders including AlienVault, Cisco, Radware and Terra Verde. They will answer questions about monitoring practices, workforce training and implementing the right tools for efficient threat response.

A highlight of today’s event will be a panel of information security experts from industries such as government, retail, banking, health care and data center, which I will be speaking about. Panel members will share their experiences with security threats and best practices on how to achieve the strongest security posture. Because many local leaders are willing to share their lessons learned with others, panels like these are often the best venues to hear real stories about challenges that companies face today and how they are dealing with them.

The variety of members on the panel will highlight security threats that are present in every industry. And it’s not just information technology professionals that need to be on guard — security threats are business risks that must be addressed holistically.

At the core, all businesses face similar security risks that can be managed with basic security hygiene. The panelists plan to emphasize the importance of keeping software up to date with patches, maintaining backups and creating strong passwords with multifactor authentication. Businesses also need to be diligent about tracking who has access to data and devices, as well as how and where these are being used.

The panelists also will touch on how security and compliance go hand in hand. Companies must be able to prove their security practices meet compliance standards, which may be unique to their industry. For example, health care companies may need to comply with the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and the Health Information Trust Alliance (HITRUST).

Retail has the Payment Card Industry Data Security Standard (PCI DSS), while government entities have Federal Information Processing Standards (FIPS), the Defense Acquisition Regulations System (DARS), the National Institute of Standards and Technology (NIST) and others.

However, companies should keep in mind merely checking off compliance requirements is not enough to keep up with the ever-evolving landscape of security threats. A robust security plan calls for constant vigilance, reassessment and adjustment.

At the end of the day, staying informed through ongoing education opportunities and finding a trusted partner for cybersecurity prevention solutions are the best ways for local business professionals to make sound decisions that will ensure their environments are secure.

Marcus Yano is chief operating officer of SystemMetrics, a Hawaiian Telcom company. Reach him at myano@systemmetrics.com.

Visit this article in the Star-Advertiser