Welcome to Week 2 of National Cyber Security Awareness Month. This weeks theme is “Cybersecurity in the Workplace is Everyone’s Business.” What is your company culture around cybersecurity?
More than ever, every single employee has a responsibility to ensure the cyber safety of their company network and data. To do so, first, your company must identify what is important to the business, the “crown jewels” of digital assets. This is often the intellectual property of the company. That’s certainly a good place to start.
Most companies have taken steps to secure the network perimeter, but if a hacker were to breach that perimeter and gain access to your network, would you know they are there? As you identify cybersecurity risks, how do you classify them? Do you remediate them or just note their existence? Consider the recent Equifax breach. It was revealed that Equifax was aware of the flaw that allowed the breach for at least two months. How long can you allow a known vulnerability to remain unaddressed? There are rumblings that we may start to see heavy penalties for such cases.
Also, keep in mind that your HR data is just as important as your trade data. In additional to having a responsibility to protect your digital assets that relate to your products and services, you must also protect your employee data. Every business has Personally Identifiable Information (PII) on every person it employs.
Some of the other things I’ll blog about this week includes cybersecurity issues like identity and access management, detecting and responding to threats, recovering from a breach and Bring Your Own Device (BYOD) considerations.
I hope you will follow the conversation and join in. Stay Safe Online!