It would seem that companies of every size are constantly in the news as victims of cyber attacks. Medium and large businesses are especially attractive targets, and a successful data breach can bring both a significant financial impact and a loss of customer confidence.
While information sharing does exist in a few limited sectors, the majority of organizations still rely on their own security teams and vendors to gather information on threats, vulnerabilities and risks, and to provide solutions that protect corporate information. If the private and public sectors collaborate and exchange relevant information over a trusted network, potential attacks will be mitigated more effectively.
Although some information security components are more suited to certain organizations and industries, there are 10 key areas that should be incorporated to strengthen your overall security program:
1) Corporate Information Risk Management
2) Home and Mobile Connections
3) User Education and Awareness
4) User Privilege Management
5) Removable Media Control
6) Activity Monitoring
7) Secure Configurations
8) Malware Protection
9) Network Security
10) Incident Management