Make an impact: how to raise awareness of cybersecurity best practice at your organisation
Given the number of high profile cybersecurity incidents in recent years, it’s no surprise industry is taking a more proactive approach towards protecting data.
Our 2017 Global Threat Intelligence Report revealed that last year there was an 11% year-on-year improvement in the number of organisations actively maturing their incident response preparedness. However, the research also revealed that 68% of organisations have no formal incident response plan.
How can your organisation become one of those businesses that are actively maturing their response to the modern cybersecurity landscape? There’s no simple formula for success here. However, if you’re ready to act on cybersecurity, this blog and the rest of the series will provide you with the essential steps you can take to achieve this goal.
To learn more, our new Frost & Sullivan authored white paper, Ransomware: The Pervasive Business Disruptor, outlines the drivers and impacts of the most important cybersecurity threats facing your organisation. It provides a summary of the latest research on ransomware and offers guidance on how to limit that risk. We would encourage you to download your free copy of the report today.
Be a catalyst for change
As our white paper highlights, ransomware is now the biggest cybersecurity threat facing industry. Once activated, ransomware can ‘lock’ your users out of business files and folders until a fee is paid to the attacker. This form of attack is highly effective and growing in popularity. The benefits for hackers are clear: This is a lucrative business, and the cybercriminals behind ransomware attacks are constantly innovating new methods to exploit weaknesses in their victims’ infrastructure.
What can your organisation do to minimise the risks of ransomware and other forms of hacking? While long term success will involve an effective strategy to adapt how your organisation deals with the threat, there are several steps you can take right away to begin limiting the risks, start conversations in your organisation and be a catalyst for change.
1. Research the threat to your business
Having a realistic understanding of the risks facing your organisation is an essential part of the preparation you need to take. While every business faces the threat of ransomware, it’s important to understand that certain sectors are more regularly targeted. Our research found that 77% of ransomware targets are found in just four industries: business and professional services, government, healthcare and retail.
2. Understand the ‘human problem’
It’s also important to understand how you are likely to be attacked. Our research reaffirms the widely-held notion that humans are the weakest link in a company’s cybersecurity defences. Phishing attacks, social engineering and ransomware are almost all delivered through the mistakes of individual employees.
3. Get executive buy-in
For any cybersecurity initiative to be successful, it is essential to get the issue onto the agenda of your organisation’s leaders. While any responsible CEO will understand the importance of cybersecurity, many will see it as an IT issue, and may be reluctant to treat this as one of the business’s long-term initiatives.
Without buy-in from the organisation’s leaders, it will be difficult to get your business up to standard with the modern cybersecurity landscape. Security today is all-encompassing, and is no longer just about installing brittle firewalls. This message must be conveyed to your organisations’ leaders. Get air time with the C-suite by:
- Raising the issue with your line manager and attempt to elevate it to board meetings
- Compile latest research (download our whitepaper and infographic today) and threats to your organisation and supply these to business leaders
- Put together a comprehensive plan for your business
Finally, when ‘selling’ the importance of upgrading your cybersecurity strategy, emphasise the costs of downtime, not ransoms. For larger businesses, a $1,000 ransom may not feel like an enormous outlay. However, in the context of a day (or more) of lost work, the costs could spiral into the tens or even hundreds of thousands of dollars.
Risks are less predictable than before and attackers are developing more sophisticated ways of breaching your defences. To adapt to this change, you will need a mature and complete approach to cybersecurity. This will require an understanding of the risks you face while gaining buy-in from organisational leaders. Once these basics are in place, you will be able to develop your strategy for an all-encompassing approach.
For more research on the threats facing your organisation, download our white paper today, or get in contact with our experts.