IT security: Five essential steps to keep the hackers at bay

March 2, 2019

From malware and ransomware through to internal espionage and on to state-sponsored hacking, businesses face cybersecurity threats across a broad range of vectors. As the appointed guardians of enterprise IT, how can CIOs help ensure great information security in a digital age? ZDNet gets best-practice advice from five experts.

1. Put the right policies and patches in place

David Walliker, who is CIO at both Liverpool Women’s NHS Foundation Trust and the Royal Liverpool and Broadgreen University Hospital NHS Trust, recognises that protecting patient information is a number one priority for technology professionals in the healthcare sector. “It’s all about doing your job properly — I’m quite clear on this,” he says.

Walliker says it’s easy to blame misguided individuals who click on suspicious links, but senior managers must also understand their roles and responsibilities. He says some NHS organisations have been slow to recognise the importance of policies and procedures. By taking proactive steps, his organisation is aiming to ensure the impact of incidents like WannaCry, which cost the NHS almost £100m, is limited.

“If people had patched their servers and firewalls in the first place, it wouldn’t have happened. WannaCry wasn’t a cyberattack — it was a cyber incident that was the result of some people not doing their jobs properly. That’s why one of the things we’re majoring on right now at the Women’s Hospital is cybersecurity,” says Walliker.

“We’re one of a handful of Trusts to have received the full Cyber Essentials accreditation. For me, it’s important to be able to say to your patients that — if we do want to do things like open access and put health records on devices — that they know they can trust us to look after their information when it’s in transit.”

2. Place a strong emphasis on education

Sarah Flannigan says she learnt a huge amount about cybersecurity by being CIO at EDF Energy, a role she left late last year. Part of her responsibility at EDF was ensuring the safe operation of critical UK national infrastructure.

“That takes everything to a whole new level in terms of information security,” she says. “Even when you’re working with other organisations at a state-to-state and hyper-sensitive context, the same truth applies — and that is your weakest link is actually your staff. It’s all about education; information security is everyone’s business.”

For CIOs looking to strengthen those links, Flannigan says staff training plays a critical role. IT leaders have long championed the benefits that come from testing internal security procedures. Flannigan encourages tech leaders to explore all potential avenues when it comes to preventing attacks through popular techniques such as phishing.

“Running regular, internal tests to see how your staff respond, and then publishing the results to executives about how many people clicked on a link, can really help. While people don’t like being trapped, it really focuses the mind and teaches people a valuable lesson. Enterprise-wide education is key, whatever the context,” says Flannigan.

3. Keep an eye on your suppliers

Andy Kravitz, head of fraud systems and controls at Lloyds Banking Group, says there is significant onus on IT leaders to explore the options — both in terms of technology and culture — when it comes to establishing effective information security.

“There’s a lot you can do,” he says. “That can be around implementing technical controls, or it could be about briefing your colleagues. So, telling them not to open email from outside the firewall that includes attachments, or being really aware of the risks to look for.”

Kravitz — who spoke at a recent RSA security event on managing risk in London — says CIOs should also keep an eye on their suppliers. While data security is often seen as an internal issue, the connected nature of business in the digital age means external cybersecurity matters more than ever before.

“Just because you’ve got your four walls locked down, you might still be giving a good proportion of your data to a third-party company that is hosting your services or holding your customer information,” says Kravitz. “It’s crucial to recognise that your data is just as attackable when it’s with a vendor as it is when you’re holding it within your four walls.”

4. Use automation to help manage regulatory requirements

Neira Jones, partner at Global Cyber Alliance, which is an international, cross-sector effort dedicated to eradicating cyber risk, says she feels sorry for executives trying to maintain information security because the regulatory environment is complex. She points to governance across finance and payments, suggesting there are 15-plus regulations that firms in the sector are supposed to comply with.

“That’s really tough,” says Jones, who has previously worked in executive roles for firms including Barclaycard and Santander. “The key is to look at all those regulations within the context of fraud prevention and cybersecurity. Look at that legislation in a holistic way and recognise that all these regulations touch on very similar things.”

Jones suggests CIOs should take advantage of the convergence that has taken place during the past few years in terms of fraud prevention and cybersecurity. “They’re now two sides of the same coin; you need to realise the economies of scale in that respect,” she says.

“You can’t comply with all these regulations manually, both in terms of traditional and emerging technology, such as machine learning and artificial intelligence. So, automation will be key — look for new tools. Focus on toughness in terms of compliance and data protection.”

5. Accept you’re going to get hacked anyway

Andrew Gould, detective superintendent and national cybercrime programme lead at the National Police Chiefs’ Council, says it’s still concerning how many organisations fail to cover the basics. Like other experts, he says password policies and patching remain crucial, even if these requirements are difficult and sometimes disrupt day-to-day business operations.

“If that patching solves 80 percent of your problems, then that has to be a massive focus,” says Gould. Yet patching shouldn’t be the only focus when it comes to technology. While CIOs must work to keep people out, they must ensure their business can recover when the unthinkable does happen.

“Accept that you’re going to face an incident or issue — what absolutely cannot fail in those circumstances are your backups,” says Gould. “Time and again we see people haven’t backed up or, if they have backed up, they haven’t tested it — and when they press the button to get their data back, nothing happens. In many ways, backup has to be your number one priority.”

© 2019 NikolaNews.com - Global Tech Updates