23rd November, 2020
A number of organizations have fallen short of keeping their data secure even though they believe that they have a defense mechanism in place to protect their information and systems. But any breach or illegitimate access to data is a big blow considering that teams are working remotely.
Capabilities of hackers/ scammers continue to get more sophisticated and it is vital to for organizations to identify any unusual behavior before a databreach happens.
Some of the pertinent areas that need to be focused on are:
Ensure there is clarity over what to protect and where.
One cannot misuse data or leak if there is no access. “So either limit access by default or control the size of the potential leak,” says Jan Kubíček, Kiwi.com’s Director of Security. Do evaluate if there is any data stored in an unsecured external storage service. If it accessed without authorization then it’s a threat.
Focus on real-time threat intelligence. This can help in evaluating behaviour which otherwise can be missed by traditional endpoint security technology, according to Daniel Farr, Leading Information Security Consultant, Foregenix.
Unpatched or old vulnerabilities shouldn’t be overlooked at any cost, said Kubíček.
Encourage a culture of security within an entity. Do focus on security awareness and training alongside technical controls.
By Ritesh Gupta