Managing Cyber Risk

In a world where more and more people and devices are connected to the Internet, greater focus must be placed on security and privacy. While the Internet has opened us up to a world of possibilities and global connectivity to millions, the very strength of the network - the speed, openness and access - creates a myriad of vulnerabilities. Additionally, securing a business’ network grows infinitely more complex as information pours in from thousands of devices through public web-based and cloud service providers.

Organizations must educate their employees, clients, and vendors to these risks and take the appropriate actions to protect their information. Follow these security essentials to create a more secure environment for your business:

  1. Build a risk-aware culture

    Whether you open a dubious attachment, use an infected flash drive or fail to install a security patch on your laptop, everyone is at risk. Educate your employees about cyber risks and the measure they can take to protects themselves and the company.
  2. Manage and report all incidents

    Report all cyber attacks and potential attacks. Security breaches that occur at different companies or different locations may be related, but this can only be discovered if incidents are reported and analyzed.
  3. Defend the workplace

    Ensure all devices connected to a network - from a laptop to a printer to a smart TV - are up to date with the latest security software and follow all cyber security management and policy enforcement.
  4. Security by design

    One of the biggest vulnerabilities in information systems - and wastes of money - comes from implementing services first and add security on as an afterthought. Build security into your network from the beginning and maintain regular tests to track conformance and compliance.
  5. Keep it clean

    Cyber criminals target people and businesses are that using old, out of date software. Maintain a comprehensive security system and install necessary updates and patches as they are releases.
  6. Control network access

    Companies that channel registered data through monitored access points will have a far easier time spotting and isolating malware. 
  7. Security in the clouds

    If your company utilizes public cloud data centers, ensure you have the tools and procedures in place to monitor possible threats and isolate your data from other company in that data center.
  8. Patrol the neighborhood

    Ensure your vendors and clients are also aware of your risk-aware culture. 
  9. Protect the company's crown jewels

    Every company has crown jewels, whether it is scientific data, acquisitions documents, or clients financial and person information. Whenever your company carries out an inventory, with critical data should get special treatment, guarded, tracked and encrypted as if the company's survival depends on it.
  10. Track who's who

    Ensure you have procedures in place to manage the access and permissions of your employees. If an employees leaves, you must have the control to revoke any access they have to company, client and vendor information.

Source: IBM Security Intelligence 2015

Security Terms Defined

Access point: a device, such as a wireless router, that allows wireless devices to connect to a network.

Cyber attack: events that have been identified by correlation and analytics tools as malicious activity attempting to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

Encrypted: converted (information or data) into a cipher or code to prevent unauthorized access.

Malware: software that is intended to damage or disable computers and computer systems.

Public cloud data center: an off-premise form of computing that stores data on the Internet

Security breach: an incident that has successfully defeated security measures and accomplished its designated task.

Security patch: a software or operating-system patch intended to correct a vulnerability to hacking or viral infection. 

Underwriting Contact

Mark Schulz
(240) 515-0180

Scroll to top