Though Fishtech works every day to give cybersecurity the awareness it deserves, each October,
we’re happy to see an extra emphasis given to the importance of taking proactive steps to enhance cybersecurity at home and in the workplace during National Cybersecurity Awareness Month.

Each year we hope to share lessons that we have gleaned from more than two decades of shaping the landscape of cybersecurity solutions. These insights are often tried and true principles worth revisiting, as we continue to prepare for an ever-evolving future.

Cybersecurity Requires More Than a Nod of Approval from the C-Suite

In today’s business environment, cybersecurity risk management programs are more important than ever. Traditionally, this has been recognized by the IT teams who would try to stress the importance upstream, but as businesses continue to undergo digital transformation, modern cybersecurity programs require buy-in from the C-suite.

Cyber attacks affect every aspect of an organization, from IT, to finance, to HR. The leaders of the organization need to prioritize their focus on mitigating the cyber risks inherent to modern business to protect everyone under their purview.

Cyber-Hygiene is Not Enough

It may be easier to go through the motions and make your way through the normal checklist and make sure you’re complying with standards that may or may not be right for your business.This approach is just not enough. Organizations need to take an approach informed by data.

Focus should be on threats that pose the biggest risk, not those that are part of your routine “box checking”.

Network Data is Not Enough

Internal threats detected through network logging and aggregation are detected too late. Early indicators of internal threats come from human actions and attitudes. There are better ways to get in front of potentially devastating internal attacks. There are solutions that use better models than network data to reveal behaviors of potential insider threats, well before they become a problem (a particular specialty of our friends over at Haystax).

Technology Alone is Not the Solution

You may have heard us talk about people, process, and technology. That’s because all three of these are integral to a proper cyber-risk management program. Many security vendors will try to sell you software that is the be-all and end-all of cybersecurity. There are more factors to a complete cybersecurity program than the “perfect technology”. You need trained staff that will follow processes exactly as they are specified so that all other factors that could provide a vulnerability outside of what each technology protects from will be mitigated.

Cybersecurity Awareness in 2019

While we believe that these four items carry particular importance to organizations overall, we have also loved the overarching themes of 2019’s edition of National Cybersecurity Awareness Month: “Own IT. Secure IT. Protect IT.”

With these themes, there is more of a focus on personal accountability to help create a foundation of proactive behaviors and awareness to strengthen each individuals’ knowledge and confidence to help create a culture of cybersecurity throughout each organization.

We will highlight a few of the basic strategies of each theme below, but we definitely
recommend checking out more resources on each of the following areas to make sure your
knowledge is up to date on best practices in cybersecurity for you and your organization.

Own IT:

  • Be aware of what you share on social media.
  • Review your privacy settings for each app that you use, and continue to do so with
  • Make sure your applications and accounts only receive the base level of information. If
    they are asking for too much, ask yourself if you really need to use these tools.
  • Don’t forget about smart devices. Monitor how these are used as much as you would
    with your smartphone.

Secure IT:

  • Create strong and unique passwords or passphrases. The more characters the better.
  • Utilize multi-factor authentication for added security.
  • Take care when shopping online. Make sure you are shopping at places you know you
    can trust.
  • Scrutinize every email that includes links or requests for information to protect yourself
    from phishing.

Protect IT:

  • Make sure you update to the latest security software, web browser, and operating
  • Avoid public Wi-Fi as much as possible.
  • If you are collecting customer/consumer data, make sure it is secure.
  • Cybersecurity is important in the modern age, and it is important to re-evaluate your own
    adoption of cybersecurity practices as much as possible.

We hope this post helps give you a starting point on items to re-visit on your quest to #BeCyberSmart.

We hope you have had a successful National Cybersecurity Awareness Month. If you have any questions for our experts on how to improve your cyber awareness, fill out the form below to get connected!