Knowing, Assessing and Understanding the Threats to the InfoSec Body (Part One)

Article Published – By Stephan Kaplan

Details of data breaches, cyberthugs, and horrors of the “Dark Web” have leapt from Data Security blogs and publications into the mainstream business and news publications.  Much of this has been driven by the “mega-breaches” that have affected hundreds of millions of consumers.  The names are easily recognizable:  Marriott, Equifax, Yahoo.

Yet even with that threat, many businesses continue to do nothing (or too little) regarding Data Security.  A number of businesses have yet to assess their operational risks much less made attempts to properly address the opportunities to protect their clients, consumers, and their own organizations.

When businesses rise to action in addressing CyberSecurity, many will treat the threat as a one-time issue, performing a single (one-time) assessment and remediation, pursuing a specific certification in order to please a client, or similar singular (unrepeated) efforts.  It’s not enough.  It won’t do enough to protect your organization and the people who have data within your systems.

Imagine your organization as a human body, and the variety of possible hacks, viruses, and cyberincursions as threats to that body.  As you do so, the idea of “CyberSecurity as CyberWellness” begins to take shape.  A truly healthy person reacts not just to the most present and obvious threats to their body.  They take regular wellness checks, scheduling physicals and regular visits with applicable specialists (cardiologists, gynecologists, proctologists, etc.)  Quite a few find the right diet for optimal health.  Many exercise to “practice wellness” frequently.  Indeed, some may even enlist the help of a daily wellness expert such as a dietitian and/or trainer to keep in the best shape possible.

This all sounds like a lot of work to many of us.  It’s exhausting to think about (and reminds me I need to hit the gym…often).   Here is the difference: when we speak of CyberSecurity, your organizations are not just getting and staying “healthy” for you, but you do it for all who rely on you (employees, customers, clients, and the like).  Every individual who has data in your system is counting on you to protect the security of that information..  On top of all that, your organization may have important corporate data that they would not like to be shared.  Do you have non-disclosure agreements (NDAs)?  Do you want your corporate data held hostage or shared with the public or worse with your competition?

The point of this series is not to shame those who have underestimated or improperly reacted to this very current and growing threat to their organizational well-being.

Rather, it is to educate and to implore action.  Our first dive into the pool of CyberWellness takes us to the dark and murky world of hackers, malware, dirty tricks all actions which may endanger your organization and data.  We will also focus on some of the threats that are most prevalent to the Small/Medium Business (SMB) environment.

Stay tuned for the next article which will discuss prevalent threats to your organizations CyberSecurity Wellness ….

– Stephan Kaplan

About GoldSky Security

GoldSky Security offers small and medium sizes business cybersecurity solutions across the US and currently has offices in Orlando, Florida and in Denver, Phoenix, Nashville, Colorado & Washington D.C.