Page 152 - Cyber Defense eMagazine September 2022
P. 152
Social engineering, malware and other basic attacks remain the greatest threats to most businesses. A
larger emphasis on training would be a simple, cost-effective way to combat these risks, yet people
continue to ignore their weak points and take action when it’s too late.
One reason companies are still undertrained is that they think an advanced cybersecurity infrastructure
will do the dirty work for them. The system will stop all threats with no human intervention required. Of
course, this misconception is not true. The cyberthreat landscape is always changing, so all systems
need regular audits to address their vulnerabilities.
Another problem with throwing money at cybersecurity is a lack of standardization. Using a wide range
of tools to manage security threats can lead to operability issues. Collecting data for risk assessment is
a key part of cybersecurity, but that task becomes more difficult as more information sources get added
to the mix.
More information does not always lead to more accurate risk assessments. Each tool operates
independently, so each batch of data is also independent. This structure lacks the centralized intelligence
that large organizations need to identify and address risks in a timely manner. Managing a constant
stream of alerts is another downside to using many tools.
Moreover, some companies add extra layers of defense just to meet compliance checklists. The security
team might not even know a tool’s intended purpose. They won’t be able to interpret the data correctly if
they don’t understand how the program works. As the late management educator Peter Drucker once
said, “you can’t manage what you can’t measure.”
Cybersecurity Fundamentals
Throwing more money at cybersecurity can lead to an adequate solution, but it needs direction. The real
fix is choosing the right investments and learning how to maintain them. Here’s what businesses should
focus on to improve their cybersecurity.
1. Cloud Storage
Rather than buying a bunch of miscellaneous security tools, businesses should take a more centralized
approach with cloud storage. Cloud storage keeps data on one platform, making monitoring and
evaluating much easier. The security team can oversee employee information, customer files and
financial records from one standard source.
Cloud computing is especially beneficial for remote employees who spend most of their time navigating
the web on their own devices. They’re more vulnerable to a cyberattack than in-house workers. A cloud
storage system can give their information the same protection as the rest of the staff.
Cyber Defense eMagazine – September 2022 Edition 152
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.