Cybersecurity In Mid-2019: Nothing To See Here, Same Problems
The need for cybersecurity measures has been viewed as an issue, however, many companies have problems with countermeasures, as proven by our many years of coverage of cybersecurity news here at hackercombat.com. Due to insufficient security investment and security personnel shortage, the risks in conducting business in today’s technology-driven economy. We at hackercombat.com defines cybersecurity as the act of protecting information data from cyber attacks such as computer intrusion, virus infection, information leakage, data alteration, and destruction. The most common threats against firms include targeted attack, malware infiltration and lack of security personnel.
A targeted attack is one of the cyber attack methods. It is conducted aiming at the information in a specific organization such as a company and will steal various information regardless of the method. As an example, after collecting information on employees who belong to you, you may be spoofed by employees of affiliated companies, etc.
Three Foundations of a secure enterprise:
- Enforce security measures including not only the company but also supply partners such as business partners and system management.
- Appropriate communication with related parties such as information disclosure related to cybersecurity risks and measures to combat them.
- Recognize cybersecurity risks and take appropriate leadership in allocating resources, etc.
It is necessary for companies to take appropriate measures, such as whether they have bases overseas, along with the strengthening of domestic and foreign laws and regulations and security measures. In the case of the European Union-enforced GDPR (General Data Protection Regulation), for example, all global companies that provide Web services for domestic and foreign users, and handle IP addresses and cookies (data sent from the browser to the server according to the past user behavior), Even if you do not have branch offices overseas, if you do not respond according to the GDPR, you may be subject to disposal and compensation.
It is essential to work on strengthening cybersecurity measures throughout the entire organization. And for implementation, securing security personnel is one of the important items. Lack of security personnel and human resource development have become major issues in cybersecurity measures. In addition to hiring outside personnel, implementing human resources development in-house as a measure is the first step in cybersecurity measures. When it comes to cybersecurity measures, there is a tendency for security enhancement of systems and electronic devices to precede.
On the other hand, many of the security damage is triggered by human factors, and we must be aware that employee literacy may lead to security vulnerabilities. Conversely, if you raise security awareness and enable all employees to respond appropriately, you can effectively strengthen corporate cybersecurity. In order to improve employee security literacy, it is necessary to improve IT literacy and to hold regular training sessions on the latest cyber-attack methods and countermeasures. The important thing is that each and every employee has an active role in security measures. Along with the progress of digitization, cybersecurity measures have been taken for granted. In addition to proactive measures, when an incident such as an information leak occurs, the employees involved must immediately make a sure decision and create a system that does not aggravate the damage.
On the other hand, IT and security fields are very diverse, so it is difficult to decide how much literacy should be acquired, and it is necessary to have a training system to learn appropriately. In such cases, it is recommended to outsource cybersecurity training to a specialized school. By asking for a specialized training period, you can efficiently improve security skills using a structured IT and security curriculum. In addition, there is also the merit that it is possible to carry out education and training without having to spend the work hours of senior employees by requesting training to the outside.
Julia Sowells946 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.