It is Time to Think about Cyber Awareness

Cyber Awareness Month is upon us and we want to share some of our best practices for what organizations can do to enhance their security posture while remaining vigilant to stay ahead of threats as best they can. With the shortage of skills and talent needed to keep up, businesses are at great risk of a breach, which can amount to losses in the millions of dollars.

It is a good reminder to note that cybercriminals often have the advantage as they are highly motivated and not bound by the many required compliance and regulatory mandates. In the fight against cybercriminals, threat intelligence can be a useful ally, enriching the process of audit and assessment, and providing proof of security controls enforcement that is required for security and compliance.

For the best protection given limited resources, read these recommendations and step that businesses can take to improve cyber security. Consider these critical steps.

  • Prioritize vulnerabilities beyond what is offered by the Critical Vulnerability Scoring System (CVSS), which is often slow to score threats and only measures the estimated severity – but not risk – of exploitation.
  • Keep up with ongoing changes in data privacy legislation, which can be burdensome and overwhelming, yet is of utmost importance in ensuring security measures are continually updated
  • Monitor threat activity on the Dark Web to understand how cyberattacks are performed, and to know if your business systems are targeted. Also, know which attack tools are for sale and purchased, as well as the success rates of current cybersecurity campaigns.

Proactive vulnerability and gap analysis is key in helping companies meet the reduced timeframes for notification of a breach. Accelerated prioritization of security gaps can play a major role in helping to identify potential security incidents faster, or they can help identify a targeted attack before it takes place. Many cybersecurity regulations and compliance standards now also include vulnerability prioritization in their requirements.

The easiest way to achieve and fulfill the vulnerability prioritization requirement is by proactively understand enterprise assets to the point where security hot spots - or gaps - are revealed at a faster rate. If that awareness can be driven by the need to demonstrate alignment with a 36-hour breach-reporting window, then it can have a positive effect on driving the needed change across the market.

About the Author

Chris Strand is the chief risk and compliance officer at Cybersixgill.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.