“War is ninety percent information.”
“Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted, because none of these measures address the weakest link in the security chain.”
Kevin Mitnick – notable hacker
Why Cybersecurity is important
We probably don’t even need to discuss the importance of Cybersecurity any more. We learn just about every day how incidents of hacking, ransomware and other forms of cyber attacks are increasing dramatically at the individual, organizational and national level. Technology companies focusing on Cybersecurity solutions wage a constant battle to stay current with the latest threats and offer their customers the best protection possible.
However, many organizations – especially SMEs – are still not yet fully aware of the potentially existential threats they face and are ill prepared when the worst does indeed happen.
In addition, Cybersecurity is not just a technology issue – it is also about people and policies – as the Kevin Mitnick quote below makes clear. For example, intellectual Property (IP) theft is frequently perpetrated by individuals who are already INSIDE the organization firewall – by employees who are disgruntled, not adhering to sloppy security policies, or maybe even being blackmailed.
Increasingly, organizations need to fight the cyber threat on multiple levels:
- Ensure they have technologies in place to identify security threats.
- Implement processes to identify and respond immediately to security violations.
- Simulate attacks to identify potential weaknesses.
- Analyze network traffic to identify suspicious patters and potential anomalies.
- Monitor physical entrance and egress to secure locations to identify potential anomalies.
- Ensure policies and procedures are in place to enforce password changes, shut down access to employees leaving the organization, restrict access to contractors etc.
- Ensure security procedures are constantly updated to meet developing threats.
- Monitor social media activity of key employees to proactively detect potential dissatisfaction.
How we can assist you
- Review your existing Cybersecurity processes and technologies and assess your as-is situation. This involves conducting interviews both with personnel in charge of implementing Cybersecurity policies, procedures and technologies, as well as users throughout the organization.
- Conduct a technical assessment of your Cybersecurity readiness. We can assist you using technologies and analysis processes provided by our partner Fortinet. This assessment typically lasts approx. 7 days and the resulting Cyber Threat Assessment Report demonstrates clear vulnerabilities in your infrastructure.
- Organize and conduct so-called “pen tests” (penetration tests) to actively attempt to breach your security – if we can do it, so can the “bad guys”.
- Organize and conduct other security tests, such as physically monitoring key locations for signs of unusual physical entry/ exit.
- Review your process for enforcing security standards throughout the organization and make recommendations for improvement.
- Where necessary, design and implement Cybersecurity systems, policies & procedures from scratch.