Page 8 - index
P. 8







0/ 0/ &'" ), 0, +0- "#"*.". $ &*./ 3 "- // '.

- )! $ $+' !! $#

Fall is almost upon us. You know what that means: the kids are back in school, the leaves will
soon turn colors and it’s time for football. While I’m not someone who’s glued to the TV every
Sunday watching NFL games, I can’t help but tune in to cheer on my local team. Go 49ers!

Therefore, when asked to provide my thoughts on how organizations can better protect
themselves from cyber attacks, I couldn’t help but think of parallels to the game. After all, one of
IT’s jobs is blocking and tackling internal and external security threats in order to keep
confidential data safe and employees as productive as possible.

This is no small feat with data constantly on the move. According to Cisco’s Global Mobile Data
Traffic Forecast, there are seven billion mobile devices on the planet – almost the same number
as there are humans. Plus, analyst firm, IDC estimates that over the next six years, 90 percent
of new spending on Internet and communications technologies will be on cloud-based
technologies – a whopping $5 trillion global business. It’s no wonder we find ourselves being
pulled in so many directions when it comes to proactively managing data security.


A comprehensive IT defense has more components than can be properly named in one article.
I’ve outlined seven best practices to add to your defense playbook to keep your enterprise data
out of unwanted hands in this fast-moving era of mobile and cloud computing.


1) Don’t underestimate your opponents: You don’t have to look far to find a headline on yet
another cyber attack. Last December, the theft of 40 million credit card numbers at Target. Last
month, the largest known data breach to date with a Russian crime ring stealing 1.2 billion
usernames and passwords from 420,000 websites. And, just today, as I’m writing this, a hacking
incident at JP Morgan Chase and several other financial institutions. If we’ve learned one thing
over the past year it’s that no one is immune. We need to continuously fine-tune and enhance
our defenses because we cannot predict where the next malicious attackers will strike.

2) Expand your cheering section: Too often, cyber security management is left solely to IT.
While IT should certainly drive many of the decisions, such as technology evaluations and
purchases, data security initiatives require buy-in from senior management, compliance officers
and employees. According to a report by Kroll and Compliance Week, three quarters of
compliance officers have no involvement in managing cyber security risk. It’s a good idea to
hold regular security briefings with executives on new types of threats, as well as educational
sessions for staff on risks and reminders about internal policies related to mobile computing.
This will help the organization gain a greater understanding that protecting your intellectual
property is critical to company’s success.

3) Think twice about that trade: Far too often, IT hands over control of their enterprise data to a
cloud provider, giving them full responsibility without completing understanding the risks. This
puts the onus on the cloud vendor to care for your data as if it’s their own – a huge responsibility
I25B /1B>9>7C &171J9>5 M +5@D5=25B 49D9?>
?@IB978D K I25B 565>C5 &171J9>5 << B978DC B5C5BF54 G?B<4G945
   3   4   5   6   7   8   9   10   11   12   13