Taking The Cyber-Security Initiative
Posted on 28 October, 2018 by Agumba Paul
Each day the Internet grows, developed by us, you and I. feeding it with, new patterns, schedules, transactions, photos, videos and chats, actually the list is endless. Basically the data we feed it with is who, what, what we are, and, what we like, just us! It’s so amazing! When I start imagining of everything about the Internet (it’s a virtual model of us)-- Thanks to Tim Berners Lee(founding father of world wide web) a great role player in the creation of the Internet and also to all the contributors of the content including you.
Let’s now get to the real deal; with us building our new selves each day with the data we provide to the Internet, each day the data value increases, but how? The more data we provide about us the more the real us is represented (our needs, emotions, reactions etc.).This info is majorly valuable to marketing and advertising companies as they will get to know what you really want and stage a well-targeted advert for manufacturing companies; hence they are able to get what to really produce from the virtual you. The data we feed the Internet (the building blocks of “virtual us”) isnot only important to the advertising and manufacturing industries alone, we've got the bad guys too. This guys are ready to get any piece on information about you and sell it in the dark-net from as cheap as a 100ksh for instance an email account goes for around 100ksh – 900ksh and health records data going even higher than credit card information which almost everyone thinks its the only valuable information they have and need to secure….With this value of data the bad guys are very ready to exploit any vulnerability to get that data you think its of less importance and you don't secure.
Talking to people about information-security and all I get is “what do I have to hide?”- Always sick of this answer. Most people are very ignorant when it comes to data security. Personal data is viewed as data of less harm by most people. The big question is “if someone can’t take care or be responsible with personal data what about corporate data? What about the sensitive data about your company? Corp-orates should be in a position to answer this, the CISOs and the management at large. We are living in very wild times and companies should take the initiative and responsibility toeducate their employees on Cybersecurity to curb insider-threat.
We've got the best technologies in the market giving real time analytic of network traffic, very intelligent intrusion detection, preventive systems and SIEMS(security information and event management systems). These systems (without employees training on Cybersecurity issues) create a false sense of security referred to as the “candy security’(‘hard in the outside soft in the inside’). With this security structure, the attacker will target the ‘soft part’ which is the unaware employee with no training on what to expect or report in-case of an incident. This attacker approach has 80%-90% chances of success and from the inside the cyber-technologies will not be effective on stopping the attacker.
Complex or best Cyber technologies are less effective with untrained employees ~
Employee training should cover all organizational department. With the technology status today where device portability and wearable is key, we’d not consider a certain department as less important or less likely to cause a breach than the other. The least likely is always the most vulnerable. The bad guys will always use the least expected points or departments and those are always the weak points. These points are going to cripple your organization (#Equifax). No one wants to get to this point due to ignorance.
An Organization can take years to build a Cybersecurity Reputation but only a day to destroy ~
The worst and the most difficult situation in an organization is recovering from a Cyber-attack. It’s very expensive to get back in business, gaining back trust from your customers and investors. TAKE THE INITIATIVE now and always remember, Cybersecurity starts withone self and the rest (company) follow.
Contact Us for Employee Training from Our experts and real world examples and tests.
(Controlling the Human Element of Security To Ensure No Breaches And Business Continuity)