National Cybersecurity Awareness Month (NCSAM) is observed every October to highlight cybersecurity challenges facing us in an evolving digitized world. NCSAM also promotes cybersecurity as a professional path, educates students on potential threats, and supports businesses in their cybersecurity efforts. The overarching theme is “a shared responsibility,” meaning that all of us play a role in staying safe online. To promote this effort, the EDGE360 editorial team has compiled content that we think will be beneficial to our readers who are looking to bolster their cybersecurity efforts.
Cybersecurity Awareness Month not only sheds light on the many advances that have taken place, but it also uncovers the areas that still need work. John N. Stewart, SVP, Chief Security and Trust Officer at Cisco, says that it’s time to focus on ourselves. He suggests that cyber and digital need to evolve their cybersecurity practices — and fast. Stewart offers business owners three strategic steps to building a successful cybersecurity foundation: Integration, Visibility, and Execution.
“I duly recognize that none of these are as easy as this blog is to write… but then, cyber isn’t for the faint of heart,” he said.
Read more here.
SMBs and Cybersecurity Threats
According to the Cisco 2018 Security Capabilities Benchmark Study, more than half of all cyber attacks result in financial damages of more than $500,000. These losses can include lost customers, opportunities, revenues, and out-of-pocket costs. For unprepared SMBs, a loss of this size could put them out of business, which is why it’s important for SMB organizations to take steps to guard themselves against cyber attacks.
The top five security concerns for SMBs are: Phishing, Advanced Persistent Threats, Ransomware, DDoS Attacks, and Proliferation of BYOD connecting to a company network. To combat these threats, SMBs should invest in staff and technologies that promote endpoint- and web-application security.
Read more here.
Securing Critical Infrastructure
Critical infrastructure provides systems necessary to ensure our health, physical security, and the global economy. Are we doing enough to protect these systems? Anthony Grieco, Trust Strategy Officer, for Cisco’s Security and Trust Organization, says that “in order for critical infrastructure to be ready to take on the cyber risks of today (and tomorrow), it will require a holistic strategy.”
First, the network that connects these important systems must be resilient. “Like any cybersecurity strategy, critical infrastructure providers need to take a risk-based approach to understand where they are most vulnerable? And how do they address those risks? In nearly every risk-based assessment I’ve seen, the ability to have visibility and control from the network is THE critical risk control point,” said Grieco.
Read more here.
Malware poses a nasty cybersecurity threat that’s difficult to detect. “The vast majority of malware is unique to each target, and that poses an on-going challenge for traditional endpoint security solutions,” said Evgeny Mirolyubov, Technical Marketing Engineer, Advanced Threats Solutions at Security Business Group. The scale and sophistication of attacks make them difficult to detect and defend against, Mirolyubov noted.
Artificial intelligence can minimize risks by detecting and prioritizing breaches. “Cisco AMP for Endpoints is now able to convict polymorphic and evasive malware variants based on the command line arguments observed during sample execution. This capability also facilitates the automated creation of Cloud IOCs, increasing the threat landscape coverage and providing actionable alerts with greater level of detail and context,” said Mirolyubov.
Read more here.
Author
-
The EDGE360 editorial team consists of Jackie Davis, Katherine Samiljan, and Jessica Nguyen. You can reach the team at EDGE360@gotostrategic.com.