You may not know it, but it is coming. Well covered in the media, a range of major brands continue to report significant cyberattacks – costing these businesses millions and wreaking havoc on corporate reputations. Analysts estimate the average cost of a data breach is $3.8 million, translating into $154 per record lost or stolen. With such high risks, companies must prepare for each and every threat.
Today’s cyberattacks are complex and becoming more prevalent. And these threats aren’t just coming from the outside, as internal security breaches are becoming more common. The FBI recently issued a warning about threats caused by disgruntled employees – highlighting the potential for stolen data and extortion to avoid sabotage. The agency even estimates financial damage from internal attacks has climbed to as high as $3 million. Even worse, a greater number of threats are now due to poor corporate oversight. Data protection is made even more difficult with the surge of “Shadow IT” and unauthorized downloads, as well as lack of corporate alignment to government and industry compliance measures.
To stay protected, CIOs and CISOs must develop a detailed security strategy backed by deep analysis of potential areas of exposure. The initial step is to conduct an “asset segmentation” exercise to understand what must be protected – then prioritizing and ranking each asset by level of criticality. Doing this exercise allows organizations to see with clarity what they have, then assign the identity and access controls, as well as multi-layered security where appropriate.
The challenge is many companies lack the in-house talent and skills to properly evaluate assets and implement policies. For this reason, outsourcing is becoming a popular option – whereby third parties assess the risk, segment the assets and set up procedures control access and monitor continuously. Partners can also help design systems that not only include typical firewalls, but advanced tools such as access management controls, threat intelligence and IPS technologies.
We explored the latest wave of cyberattacks and how to stay protected at the CIO and CenturyLink live half-day event – “The Future of Security in and Compliance in a Hostile World” – on Aug. 26 in Washington D.C. The event included presentations by IDC and CenturyLink executives on preparing for and avoiding breaches, and developing best practices for a solid IT security strategy.
A new generation of cyberattack is just around the corner and companies must be prepared. To prevent becoming another statistic, CIOs should act now and implement a next-generation security policy to ensure full protection. QCBN
Baltazar Torres is a technology expert at CenturyLink. Are you ready to consult with an expert about cloud options for your business? CenturyLink, the third largest telecommunications company in the United States and a recognized leader in the network services market, offers global cloud infrastructure and hosted IT solutions for businesses of all sizes. To learn more, contact CenturyLink at 928-779-4092 or visit www.centurylink.com/connected.