February 3, 2016
-
Joe Franscella
,

Enforcing Protocol: The Key to Happiness in Life

<p>As a security director you need to get a lot done with limited time and resources. There are many tools and techniques available to help you improve efficiency and cybersecurity in your organization. And while there is no silver bullet solution, let’s take a look at what protocols should be at the top of your list and why.</p><h2><strong>Setting up the Basics</strong></h2><p>According to <a href="http://www.zdnet.com/article/over-90-percent-of-data-breaches-in-first-half-2014-were-preventable/" target="_blank">ZDNet</a>, 90 percent of cyber security breaches that occurred in 2014 were preventable. Having protocols in place is your first line of defense. Setting up and enforcing security protocols can protect your organization’s data from unauthorized access. Often, security breaches come from employees (un)knowingly opening the door to hackers through risky or unauthorized behavior. The first step in preventing loss of intellectual property is having strict IT security protocols that govern computer, network, social media use, etc. This must also cover use of WiFi, mobile devices, and data sharing since these days work is often done offsite and off hours. A <a href="http://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/data-loss-prevention/white_paper_c11-499060.html" target="_blank">recent survey by Cisco</a> found that 70 percent of IT professionals believe data loss was caused by use of unauthorized programs, so be sure you are constantly monitoring employees’ technology use.</p><h2><strong>Evaluate Risk, Repeat</strong></h2><p>Conducting a company-wide risk assessment is a critical step in protecting your data. A thorough assessment will identify which areas are vulnerable to threats, how they could be compromised, and the ramifications of such a breach. This will allow you to identify areas to reinforce, develop a timeline for implementation, and create a detailed report to present to your boss or executive team. It’s important to remember that risk evaluation is not a one-time event; it must be ongoing to be effective as change is constant and technology continually evolves.</p><h2><strong>Clear Communication</strong></h2><p>Clear communication incorporates all manner of sins. When communicating the need for security protocols remember to be prepared with accurate information, be open to listening, and be willing to tailor your message to your audience. Not all of your employees are going to understand high-level specifics, so you must convey info to them in a respectful, easy-to-understand manner. Don’t just say, “No Facebook at work”! Explain how and why social media can affect security. When speaking to your finance team, put it into numbers and data that they will comprehend. The better that security protocols are understood, the easier they will be to enforce. But be aware that there will always be a level of risk with human beings.</p><h2><strong>Stay Vigilant</strong></h2><p>Human behavior is a huge factor in data security. Never overestimate the power of technology…and never under estimate the determination of cybercriminals. For your data to be properly secured, you must be invested in protecting it. Automated tools, <a href="https://www.anomali.com/products">cyber threat detection</a>, and encrypted security protocols will help enormously, but you still need to be proactive and vigilant. Cybercriminals thrive on a challenge—for every new security protocol in place, there is a hacker intent on cracking it, perhaps, with the help of one of your employees.</p><p>Remember, the better your protocols, the better you communicate and enforce them, the happier you will be. Make smart choices, use tools wisely, and encourage employees to become personally invested in security. Remind them that risky behavior impacts them directly, not just abstractly. Effective communication can go a long way to getting everyone on board with network security.</p><p>Download the Security Intelligence and Information Sharing Strategy <a href="{page_3458}">whitepaper</a> and learn more about the new approach to threat intelligence using trusted collaboration.</p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.