Tech

Here Are 4 Simple Steps To Keeping Your Company Cyber Safe

Daily Caller News Foundation logo
Steve Ambrose Contributor
Font Size:

Ever since a teenager hacked the director of the CIA’s email, it’s clear no one is immune to cyber threats.

Recent attacks from hackers include those that are Russian (Pawn Storm), Chinese (Deep Panda), and even minors. Cyber threats are an inevitable part of today’s world, but there is no reason to avoid taking steps to protect yourself. (RELATED: Fool Me Twice … China Attacks Seven Companies After US Cyber Truce.)

The Daily Caller News Foundation spoke to Todd Thibodeaux, president and chief executive officer of CompTIA, a non-profit information technology trade association Oct. 29 about steps companies can take to better prepare for digital threats.

Thibodeaux outlined four recommendations that represent a “comprehensive organizational approach to cybersecurity.”

1. Create policies that define corporate security guidelines

Everyone needs to have, read, and know the playbook. Employers cannot reasonably expect their employees to act with any amount of cyber sense if they can’t look to the employer for guidance.

Most companies have some type of policy handbook. In between the sections on company history and what qualifies as harassment, needs to be a section for proper cybersecurity protocol.

Therefore, though every employee won’t immediately know how to solve to a digital problem, at least they know where to go to get some answers.

Security

Security

2. Establish processes to maintain security integrity

Reset your passwords and don’t use the same one for every account.

Don’t mix work and play. Keep those digital lives partitioned so that if there ever is an issue on your personal platform, the professional account is safe—and vice versa.

Don’t clink on email links from African princes and princesses, don’t forward that funny email from someone you don’t know, and don’t give out private information over the phone.

Ideally you won’t make mistakes, but it happens. Now what?

Don’t ignore it and don’t try to fix it on your own—just immediately go to the information technology team.

Statue of Atlas at Doges Palace, Venice, Italy

Statue of Atlas at Doges Palace, Venice, Italy

3. Utilize products to assist in monitoring and protection

Use anti-virus and malware software. There are a number of paid and unpaid versions in the marketplace, but your company having no type of protection is not an option.

Also, just as important as having software protection, is keeping it up-to-date. There is no point in having a program that defends against the malware of 2003, when you are getting hammered by the malware of 2016.

Binoculars V

Binoculars V

4. Work with people who are trained, cyber-aware, and responsible

It is okay if cybersecurity is way out of your comfort zone … as long as you are working with someone who is in their comfort zone.

Hiring the human resources officer and the after-hours security guard to run your cybersecurity team will probably save you money for 36 hours. But, when a digital breach happens and customer information is being improperly accessed, or identities are being stolen, or your entire network is rendered inoperable, whatever financial gains you made 36 hours ago will be squandered on repairing your system, protecting clients from fraud, and salvaging your brand.

Long story short, don’t use the D-Team for an A-Team job.

Training the trainers

Training the trainers

Thibodeaux places particular emphasis on the fourth point. “The best security technology products and the most comprehensive policies and processes,” he says, “won’t work without appropriate human action. Spreading cybersecurity awareness, knowledge and training throughout the entire organization is essential.”

His recommendations could not come at a better time.

CompTIA released a report Oct. 26 about the cyber habits of employees. Unfortunately, the results are less than stellar and a bit shocking. (RELATED: An Insane Amount Of People Failed This Common Tech Security Test)

A number of companies have had the misfortune of having their cyber defenses breached. Ashley Madison, Sony, the Office of Personnel Management, T-Mobile, and Anthem are just a few organizations that have recently found themselves the victim of a coordinated cyber attack. (RELATED: US Healthcare Under Tidal Wave Of Chinese Hacking)

The Senate has now taken up the digital safety mantle after passing the Cybersecurity Information Sharing Act (CISA) Oct. 26. CISA is designed to facilitate the sharing of information between the private and public sectors.

While the bill has a number a detractors, it also has a fair share of support–including CompTIA. (RELATED: Twitter, Other Tech Juggernauts Choose Privacy Over New Cybersecurity Bill)

In response to a question about CISA’s role in encouraging safe cyber practices, another CompTIA senior executive is reassured by the prospects.

Elizabeth Hyman, the executive vice president of public advocacy for CompTIA, says its “membership understands firsthand the necessity to protect both our nation’s critical infrastructure against cyber threats as well as the personal protection of consumer information. This legislation provides an important step in allowing companies and government to share information without fear of litigation in an effort to thwart future attacks.”

Follow Steve Ambrose on Twitter

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.