Creating a cyber defense plan is key to maintaining security
My team and I recently completed the first round of a new Hawaiian Telcom University roadshow focused on cybersecurity best practices for businesses. Formerly an all-day educational event on Oahu, HTU is now a series of shorter, smaller workshops on a wide range of topics held throughout the state. The cybersecurity series was held in Lihue, Hilo and here in Honolulu.
Guest speaker Carlos Villalba, vice president of security services at Terra Verde, has more than 20 years of experience and holds at least a dozen advanced security certifications. His colleagues call him “the smartest man in cybersecurity,” and it’s a title he bears well. His message was simple: Cybersecurity threats continue to evolve. Today they are more organized, targeted and complex, yet many businesses remain unprepared. The effects of cybercrime, particularly on small businesses, can be devastating.
In my world I see this daily. Businesses of all sizes are being attacked from all directions. Cyber bad guys are knocking on firewalls, trying to find holes in network defenses and sending phishing emails. Once they gain access to your accounts, they might pretend to be a vendor or a customer and ask for private information.
It is important to understand the various ways your business can be attacked and what the attackers are trying to steal. When you have a better idea of what assets a cybercriminal could be after inside your corporate network, a plan to defend those assets starts to make more sense.
With that said, it can be difficult to figure out how and where to start, and that’s why having a trusted technology partner is key. Managed Security experts can help to provide guidance on how to start creating or bolstering a cyber defense plan for your business.
The plan starts with performing a Cybersecurity and Compliance gap analysis to determine the current state of your defenses and identify weaknesses. Most businesses have some level of security but aren’t clear on exactly what they need and how everything can work together.
I strongly recommend implementing a cyber hygiene program that focuses on people, passwords and patching. Similar to personal hygiene like washing and brushing, a cyber hygiene program is a series of good practices for computer and device users to maintain system health and improve online security. And much like personal hygiene, cyber hygiene is most effective when followed correctly and regularly.
Other elements to add to your cyber defense plan are creating an ongoing discovery plan to identify what is on your network and what shouldn’t be there, maintaining regular data backups so you won’t be at the mercy of hackers if your data is ever compromised or held hostage, developing an incident response plan for when something goes wrong, and educating your employees about security trends and how to identify and report attacks on an ongoing basis.
The majority of cybersecurity breaches are preventable, but you need to take the first step. If you’re interested in a free security self-assessment tool to help you determine your cyber risk, please feel free to contact me directly at firstname.lastname@example.org.
Matt Freeman is director of information security at Hawaiian Telcom. He leads the company’s security training program and provides training services for customers statewide. Reach him at email@example.com.
© Honolulu Star-Advertiser
Visit this article in the Star-Advertiser