International Cyber Security Leader
Global Chief Information Security Officer
- (1) YOU CANT PROTECT WHAT YOU DON’T KNOW
- Whether in the private/public sectors or a small village shop maintaining an accurate inventory of all your internet connected systems and services is critical to protecting your entire organization from international cyber criminals, hackers, hacktivist, script kiddies and many more attacker types. Today many publicly reported data breaches worldwide occur in part or whole due to poor asset and inventory control which often leads to poor management and updating of systems connected to the internet. These factors when combined create a perfect opportunity for compromise by malicious actors or cyber criminals.
Key Question for Your IT Support Team or Yourself:
- Do we have an up to date asset inventory of all systems and devices, and are they running routinely updated operating systems? Additionally are you have a ‘good’ anti-virus and malware protection application running (free is not always good) on all computers and laptops which is also routinely updated?
- (2) BE AWARE THAT YOU MAY ALREADY BE A CYBER VICTIM AND JUST DON’T KNOW IT
The average time for businesses to realize that they have been compromised or had a breach is close to 1 year. In some parts of the world including the Caribbean it can be much longer. If you are still using a Windows 2000 or XP computer at home or work you are probably more then likely already HACKED.
- Outdated or end of life computer operating systems are a ‘hackers dream’ as they already know all the weaknesses that can be exploited.
Test question: Are you using an updated Windows or Mac devices with all the latest security updated installed (monthly if a windows systems)?
- (3) GET YOUR ONLINE PORTALS & WEBSITES ROUTINELY PENETRATION TESTED AND THIS TESTING SHOULD NOT BE OPTIONAL IN 2023.
When selling products or services online, or capturing/providing customer information online which invoices personal information (PI) it is critically important that platforms providing services and information be routinely penetration tested to proactively identify and fix vulnerabilities and weaknesses a hacker, hacktivist, or cyber criminals can exploit. Penetration test should be conducted at least once annually or whenever a major change/update to your platform is made. They are local companies and cyber security professionals that can conduct a quality penetration test of your website, platform or office network.
Test question for IT technology and Business leaders (IT mangers, CTO’s, CEO’s, CISO’s) When was the last time your company online services or customer support platforms where penetration tested?
- (4) RANSOMWARE DEFENSE
The Caribbean has become a fertile playground from ransomware attacks a few of which have made the evening news in many Caribbean countries. The best defense against ransomware attack is to deploy an endpoint detection & response application on your laptop or office computers. However today’s ransomware attacks have reach a sophistication level that often bypasses many free or cheap anti virus solutions. As such it is very important to select a quality end point detection and response solution not just based on price but it’s ability to stay updated on the most recent ransomware threats which can vary between solution.
Test question: Do I have a quality (not free) EDR application solution running on my home and work computers?
- (5) BOT DEFENSE & ITS HIDDEN OPPORTUNITY
In 2023 a very large % of all internet traffic are bad bots seeking to steal personal information or intellectual website property or content. These bad bots can be blocked automatically if a bot defense solution is in place to proactively protect your website and online customer services platform from a range of bot attacks. The intelligence maintained by bot solution providers is also key in stopping attack from known attackers automatically. An interesting up side to improved bot management is quite simple to understand as by blocking bad bot traffic more highway to your site is available hence improving the your customer experience which on you still. So in conclusion ROI in bot defense can exist.
Test question for IT managers: Do I have a bot defense solution in place?
- (6) PREPARE AND PLAN FOR COMPUTER SECURITY INCIDENTS
The steps to successfully recover from a computer security incident or breach are: identification, containment, remediation, recovery, and closed out with a postmortem review. All businesses in 2023 should have a computer security incident response plan and a set of procedures to follow when an incident occurs. Having to figure out what to do during an incident to limit damage can take up and waste valuable containment time.
Test questions: Do people in my organization know how to report a potential virus or ransomware attack on there computer for support and guidance?
- (7) KEY CYBER SECURITY THINGS EVERY COMPANY OR ORGANIZATION SHOULD HAVE:
In order for a private or public sector business to NOT become a victim of cyber crime they are a few fundamental components they MUST have in simply and short terms, these are:
- A IT strategy and plan
- A cyber security strategy and plan
- An accurate and current asset and systems inventory
- A set of IT and Cyber Security Policies and related guidance and procedures in place .
- Enough staff to effectively implement and manage the items above.
- Regular vulnerability scanning and penetration testing to identify and fix systems weaknesses.
- Annual cyber security awareness training for all
If you are missing one of these you organization is at risk of compromise, breach or exploitation.
Test question: Do I have all of these requirements in my organization and to what level of accuracy and maturity. Additionally to you have the right number of support staff in your organization
- (8) VENDOR & PARTNER PROVIDER SECURITY
Many major globally report company data breaches involve a third party support vendor of the business or organization. With this reality is has become even more critical that businesses and organizations establish a vendor security assessment program to ensure they are supported by vendors that take cyber security seriously and have measures and controls in place to prove that commitment.
- (9) SECURITY EVENTS AND INCIDENT MONITORING
Most systems have security logs that can tell a systems admin what events and activities are occurring on a device requiring further investigation. It is important that not only these activities be captured in a log management solution they must also be monitored in order to identify malicious, criminal or fraudulent activities and behaviors for action or investigation.
- (10)LEADERSHIP PLEASE TAKE CYBER SECURITY IN YOUR BUSINESS OR ORG SERIOUSLY AS ROI IN SECURITY DOES EXIST
Brace yourself and with no ‘disrespect’ they are many leaders in the private and public sector that in spite of the data breaches we often here of in the caribbean and worldwide news still do not take the cyber threat seriously.
As a result that are many under staffed private and public sector organizations that simply do not have enough staff to address the cyber threat comprehensively. There is a sense that only a major data breach will move them into action often after serious repetitional and finance damage has occurred, making the cost of doing nothing much higher that doing something.
And 11 …
- (11) CYBER SECURITY TRAINING & AWARENESS FOR ALL – IS A MUST
One of the complexities in cyber security is that everyone from the CEO to the office secretary plays a role in protecting both private and public sector organized from a range of cyber threats (I.e email phishing attacks). As such it is critically important that an annual cyber security training program is implemented for large and small organizations. Keeping your staff aware of the evolving and growing cyber threat landscape can be key in preventing a cyber security data breach or major security incident.
Leave a Reply to Bush TeaCancel reply