Each year, October officially marks National Cybersecurity Awareness Month. But when you’re in the business of protecting the Fortune 500’s critical data, it’s Cybersecurity Awareness Month all year round.
In its 15th consecutive year, Cybersecurity Awareness Month is an initiative which highlights educating consumers, students, academia, and businesses worldwide on how to be #CyberAware. With last week’s attack on Facebook that exposed the personal information of nearly 50M users, it’s an especially interesting time to be raising awareness around cybersecurity. A constant reminder that cybercriminals are relentless, this breach was announced just over a year after last September’s massive Equifax data breach in which attackers stole personal data on 143 million Americans, including names, Social Security and credit card numbers, birthdates and addresses.
Based off the recently released infographic, here’s a breakdown of the topics covered in this year’s NCSAM, which will serve as a guideline for this three-part blog series:
Oct. 1–5: Make Your Home a Haven for Online Safety
Oct. 8–12: Educating for a Career in Cybersecurity
Oct. 15–19: It’s Everyone’s Job to Ensure Online Safety at Work
Oct. 22–26: Safeguarding the Nation’s Critical Infrastructure
At Vera, we believe there’s nothing more important than protecting your Intellectual Property, sensitive data, and critical business information. Yet, security defenses continue to fail, and organizations simply can’t rely on their network, CASB, DLP or endpoints defenses alone. And to kick-off this month, we’re sharing our own tips around data protection and privacy.
Tip #1 – Protect the data, build a more resilient infrastructure.
The idea of a network perimeter—where the devices and data on the inside are inherently trusted and protected against any access from the outside—has been dead for a while. Here at Vera, we’re hyper-focused on securing and monitoring the flow of data, no matter where that data resides or who it is shared with. It would be ideal to prevent unauthorized access to a network or device entirely, but—assuming attackers will eventually infiltrate—how much damage can they actually do if they are unable to access or extract any of the data? Zero.
Tips #2 – Educate everyone on security, that means non-security folks too.
At the end of the day, hackers will try anything to get at the valuable information shared in and outside your organization–by sending phishing emails, stealing laptops, or hacking into your engineer’s code. If you want to take security seriously, you need to involve everyone in the company, which means security and non-security professionals alike.
Tip #3 – When it comes to infosec, stop playing defense. Get proactive.
Realistically, there is nothing you can do to make a network, computer, or mobile device absolutely impenetrable. Laptops and mobile phones have empowered people to connect to the Internet from virtually anywhere and anytime, which all but negates the concept of inside and outside the network, or “offense vs. defense.” As long as there’s data worth stealing, there will be people attempting to access it by any means. But by encrypting your data the moment it’s created or shared, we can stay one step ahead of malicious hackers.
I’m confident that together we can create a culture of respecting privacy, safeguarding data, and enabling trust. Interested in talking more? Send me a note at firstname.lastname@example.org and I’d be happy to continue the conversation.