Tackling The 5 Most Critical Data Security Issues Head On
According to Forbes, two-thirds of CEOs are taking the reins now that 59 percent of them control the cybersecurity budget. For them, having a cybersecurity checklist in place can help steer their decisions in the right direction.
Small- and mid-sized business executives have even more to lose as they realize that cybersecurity failures are catastrophic to their businesses, costing an average of $3.86 million per breach.
One survey found that executives worry about four main business impacts of a security incident:
- customer loss (45%)
- brand reputation loss (44%)
- revenue loss or operational (32% each)
According to the Forbes article, “The risk component of cybersecurity makes it a top priority in meeting business objectives and should no longer be left solely within the purview of the CIO and IT department.”
In light of increased oversight at the highest levels, what should executives look for in their cybersecurity priorities? Here, we offer five, foundational, yet critical areas to keep at the top of your cybersecurity checklist.
Train Employees in Security Principles and Practices.
Accidental data loss (by way of employee mishandling and mistakes or human error) accounted for 23.54 percent of all breaches from 2013-2018. These were mainly caused by employees sending data via email to the wrong recipient, as well as loss or theft of paperwork.
Top on your cybersecurity checklist is to establish basic security practices and processes for employees. Commit to building awareness and education within your organization and creating a security-first culture. Its everyone’s job.
Secure Your Endpoints.
Endpoints are increasing exponentially with cloud technology, smartphones, the explosion of the Internet of Things, and more remote and diverse working locales and conditions. Endpoint detection, protection, and response are essential.
- Ensure your organization has robust password policies and practices.
- Keep your devices clean by sticking to the organizational habit of maintaining the latest security software, web browsers, and operating systems, which are the best defenses against viruses, malware, and other online threats.
- Treat your mobile devices like laptops, and ensure to set reporting procedures for lost or stolen equipment.
Get to Know Your Data Intimately.
While roughly 70 percent of mid- to large-sized U.S. healthcare companies are very or extremely confident in their ability to manage sensitive data, only 50 percent update their inventory of personal data once a year or less.
- Understanding the overarching structure and governance of your data sources is vital. Know where your data is and centralize it, if possible.
- Ensure policies and technology are in place for regular and automatic back-ups.
- Don’t underestimate the importance of your data.
- Don’t just worry about financial, human resources, customer, and accounts receivable/payable files.
- Any data that would be required to run the business, or re-establish to return to full functionality, should be included as well.
- Pretend your business is data-less, and identify what would you need to get back up to speed.
Secure your Wi-Fi networks.
It may be the most fundamental part of our cybersecurity checklist, but many overlook this gaping hole in the organization. Ensure that your wireless network is secure, encrypted, and hidden. Password protect access to the router and use multi-factor user authentication, if possible.
There are numerous encryption methods for wireless security, and it’s not difficult to establish and test. Without it, however, you’re leaving the keys in the door for anyone to enter.
Use Business-Grade Cloud Solutions.
The last item on our cybersecurity checklist may seem like an obvious one. Whether you’re actively storing and accessing the cloud, you are, inevitably, using the cloud through service providers and third-party connections. Cloud is here to stay and must be considered as part of any cybersecurity plan and governance structure.
Centralizing processes and data with a cloud provider can offer many improvements in cybersecurity. Cloud services allow for enclaving data, where vital data is stored in one location and well-protected. Consumer-grade solutions, while cheaper, do not typically include the necessary controls, protections, and capabilities needed for good cybersecurity practices.
While some organizations will see this cybersecurity checklist as basic, these are the fundamentals where many executives don’t have adequate knowledge or oversight. Addressing them can eliminate cybersecurity blind spots and highlight your systemic risk sources.
An executive’s first duty is to the health and growth of the organization. Today, we would posit that protecting the organization from threats should be obligation number one.