Page 49 - Cyber Warnings
P. 49
4. Encrypt all data from the start unless you are processing the information which would
require the information to be unencrypted
5. Keep the system up to date to close security vulnerabilities in Operating systems and
software used to deliver the service.
6. Review all developed code for potential vulnerabilities
7. Always prepare for a disaster. Create a plan of action if a severe data breach takes
place. Your reaction will make the difference in legal ramifications and corporate
reputation.
8. Train personnel in the handling of sensitive information
For Investors and those that are thinking of starting a company providing services, think about
security upfront rather than an after thought.
It is more expensive to not include security at the beginning of your product than after a request
from a potential customer or a compromise.
When you start the adventure of a new business, think of the information you handle to be your
own and how would it make you feel if your information was stolen.
About the Author
Kip has served as a CISO for the past 8 years and IT Executive leader for
over 20 years. He uses extensive business and security expertise to advise
CXO executives on strategies to deal with quickly changing landscape that
affecting IT infrastructures. His current focus is on International Privacy
Laws, compliance to ISO, SSAE 16, HIPAA, in technology mobility,
advanced malware, APT, and cloud security.
Kip brings over three decades of IT security leadership spanning the military
and commercial experience. He previously served as a US Marine in
Information Technology and a CISO at United Launch Alliance, GeoEye and ServiceSource.
He has specialized in building Risk Programs, IT Departments and Security programs.
The times Kips is not behind a computer he is out in the hills of Colorado mountain bike riding.
49 Cyber Warnings E-Magazine January 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
