In our second part of a two part series on cyber threats, we look at how opportunistic cyber criminals are and ways you can protect your organization (and your data).
It’s pretty clear that cyber criminals are employing a wide variety of tactics to breach your organization for financial gain. Their efforts result in significant costs for those on the receiving end. The Center for Strategic and International Studies, in partnership with McAfee, released a study earlier this year that estimates the annual cost as a result of cybercrime is $600 billion in the U.S. alone.
Cyber preparedness isn’t easy – that’s partially why hackers are so successful. But there are steps you can take that will make it harder for them to illegally infiltrate and compromise your systems. And because cybercrime is a numbers game, they may well move on to their next target if breaching your systems is difficult.
According to the Center for Internet Security (CIS), you can reduce your risk of a breach by 80 percent if you follow these five steps:
Breaches will happen so it’s important to minimize vulnerabilities and mitigate the risk. To be prepared, create an incident response plan and align the mission with business objectives, priorities and risk appetite. You must:
Don’t let an actual breach be the first time you try your incident response plan. Test your playbook and adjust as needed.
Consider your all of your network and endpoint data and locate any gaps in visibility.
Choose the right metrics to measure based on what makes the most sense for your organization and risk appetite.
One critical component to cyber threat preparedness is to understand how endpoints can often be your biggest source of risk. According to IDC, 70 percent of databreaches originate on an endpoint such as laptops, tablets, mobile phones and other devices. Visibility and control over your devices, where they are and what they are running is a key component to a strong security posture.
For more information on how to increase your cyber threat readiness, check out our webinar, Cyber Threat Checklist: Are You Prepared with SANS Institute.