Page 49 - Cyber Warnings
P. 49
Organizations must identify what assets criminals will go after, understand how criminals
monetize crimes and use stolen assets, and finally perceive the resulting impact on their daily
business.
The following tips can help enterprises down the right path:
Think like a cybercriminal. Perform internal audits to identify the most valuable
organization assets most likely to be hijacked and monetized by online thieves.
Deploy security to protect assets with widespread visibility.
Hire staff and train current employees so they possess the skills to recognize security
threats (both potential, and when they occur).
Make security part of everyone’s job description. Task the non-IT part of the organization
to notice anything suspicious and report it to the security team.
Being mindful of regulatory issues is simply a first step. Really understanding the risks and
which assets are the real targets is a far larger and more complicated issue. Companies may
think they are covered because they have a security team. However, businesses must describe
as specifically as possible the data and systems at risk and the job roles necessary to cover
these bases. This is an important part of protecting the entire enterprise.
Cybercrime as a professional is not as captivating an image as that of a rogue hacker lurking in
a basement compound. High-level insight into the methods, procedures, approaches, and goals
of cybercriminal organizations, can help legitimate organizations focus on the specific data and
systems they must protect. Using this information to deploy security technology and train staff to
defend the data and systems most targeted by cybercriminals, enterprises can make the
smartest, most strategic and effective use of their resources.
About the Author
Tom Gilheany is Cisco’s Product Manager for Security Training and
Certifications. He has a diverse background in startups through
multinational Fortune 100 companies. Combining over 20 years of product
management and technical marketing positions, and over a dozen years in
IT sand Operations, he has conducted nearly 50 product launches in
emerging technologies, cybersecurity, and telecommunications. Tom holds
a CISSP, an MBA, and is an active board member of the Silicon Valley
Product Management Association and Product Camp Silicon Valley.
49 Cyber Warnings E-Magazine – September 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
