Analecta Cyber Company Blog: Holiday Greeting - 2018, 2019 and Remembering What it's All About

2018-12-25

Holiday Greeting - 2018, 2019 and Remembering What it's All About

Security is about people - Analecta Happy Holiday banner
Congratulations! You've reached the end of the year and it's time to take a moment to consider your cybersecurity wins of 2018, set goals for 2019 and remember what it's all about.

2018 - A tumultuous year


Well, 2018 has come and gone. Many established businesses are taking cybersecurity seriously for the first time due to General Data Protection Regulations (GDPR) and various state regulations that went into effect this year. If your organization is using a risk-based approach to drive security decisions, it likely meant making a lot of hard decisions about who your customers will be for the next 5-10 years and how to balance the costs of regulation requirements with customer data protections. It also meant having vulnerability assessments performed, building security policies and finding the right experts to help you navigate the regulation changes.

This was a huge year for any Chief Information Security Officer (CISO). If you met your organizational goals this year, you should be proud of yourself - this was one of the toughest years for CISOs since computers were invented. Doubtless there were times you considered throwing in the towel and giving up. I hope when you sat back to assess the situation, you found yourself with a newfound realization of the importance of preventative measures...


Security is all about people


Think about the thousands of people your work directly impacted this year. Succeeding in security means your company will be around longer to serve your customers. It means your employees and their families are having a wonderful year-end holiday, feeling secure to be gainfully employed for the foreseeable future. It means your stakeholders are feeling secure, too, trusting your input on how to keep company assets safe.

Improving cybersecurity within an organization also means your employees were trained on common methods of cyber and social engineering attacks. That training likely saved your company against threats and helped you retain a secure posture.

A shared responsibility


Hopefully, employees were less likely to share external drives between work and home machines, avoided using the company network for personal use, refrained from logging in directly with admin accounts and paused before following unknown links or clicking on email attachments. Some even went so far as to alert your department of potential threats, allowing you to act before having to react to a bigger situation.

Some employees even applied what they learned to their personal cyber lives: they narrowly dodged wiring money to a foreign scammer posing as a close family member stranded out of the country, didn’t give passwords to hackers to unlock their PayPal accounts and refrained from opening malicious attachments at home and having to figure out how to pay a Bitcoin ransom to get all their family photos back.

Your daily efforts are a battle against the vilest villains of the ethereal territories - cyberspace. And you are determined to win the war.


What's the plan? What will 2019 be like?


You're about to be inundated with prognostications of 2019 from everything cyber.
  • All internet activity will get more dangerous.
  • Hackers will keep getting better.
  • Attacks will become sneakier.


 Advice for 2019...


There are many factors that play into cybersecurity. This isn’t meant to scare you, but to prepare you. So many of our blog articles are written for CISOs and are there to gently remind you, educate you and sometimes, knock you upside the head, to say you must act now to avoid a potential cyber crisis.

With all the variables out there, I suggest you take a deep look inward. What are the big risks you accepted in 2018 and how do you reduce them further in 2019?

Take an iterative approach. You're not going to reduce your company’s risk to zero (ever...) but you can approach zero through methodical iterations. Chip away at the big risks until you have much more manageable little risks. You know the old adage:

How do you eat an elephant? 
One bite at a time.

Here's wishing you, your family and everyone involved with your company a Merry Christmas and a smaller elephant in 2019!

- Dave Hawkins, Analecta Cyber


Dave Hawkins is an information systems security engineer. He is the manager and cofounder of Analecta Cyber, a Maryland-based cybersecurity firm providing cyber risk assessments for small and medium sized businesses.


*
The personal views of Dave Hawkins are strictly his own. Analecta Cyber does not endorse, encourage or suggest the eating of elephants. : )


Analecta Cyber wishes you and your families a happy and “cybersecure” holiday season. For more tips on cybersecurity or if you have specific questions, send us an email anytime! 

Analecta Cyber is a Maryland-based cybersecurity firm providing cyber risk assessments for small and medium sized businesses. Analecta is a trusted partner to help companies achieve their cybersecurity objectives. Email us at info@analecta-llc.com or visit our Cybersecurity website.


Analecta Cyber - Managed Security Services logo

No comments :

Post a Comment