SecurityInfoWatch.com Says Cybersecurity is a Shared Responsibility
Hikvision Overviews Spear Phishing, Offers Advice to Prevent Security Breach
In the SecurityInfoWatch.com (SIW) article, “Cybersecurity is everyone's workplace responsibility,” the author explains why everyone in an organization must focus on cybersecurity as a shared responsibility, to reduce the risk of security breach and other cyber threats.
From the article: “According to a report from PhishMe, 91 percent of cyberattacks that lead to a successful data breach began with a spear phishing email. There’s also the risk of malicious insiders, misconfiguration of servers and tools, and simple mistakes, such as including the wrong person in a sensitive email chain or leaving a laptop on a train. Maintaining any organization’s security should be a shared responsibility.”
The author recommends organizations begin by assessing their risk, setting procedures, and then educating employees on those procedures. “They [employees] need to know exactly who to contact and what information they need to provide if something happens. Whether they realize they’ve misconfigured a system and allowed unauthorized access to sensitive data, or they merely suspect that by clicking a link in an email their device may have been infected by malware if they have a clear set of instructions to follow you have a much better chance of limiting damage.”
Provide Employees Security Training
Educate employees to help them better understand how to minimize risky behavior. Employee cybersecurity education should cover passwords, links and attachments in emails, and other phishing attacks. Training should be ongoing, as cyberattacks are always adapting and increasing in sophistication. Security risks are lowered by 70 percent for businesses who invest in cybersecurity awareness and training, according to the article.
Make Cybersecurity Part of Your Company Culture
The SIW article recommends testing employees with mock phishing emails or other attacks to ensure they are following cybersecurity protocols. Those who adhere to good security hygiene should be rewarded and acknowledged for contributing to the improve cybersecurity of the organization.
Recommended Next Steps
The article recommends automation of technical control as a best practice, such as enforcing strong password policies and creating privilege lock-downs according to user roles.
The Center for Internet Security (CIS), a nonprofit organization dedicated to cyber defense best practices, is a recommended resource for industry practices for operating systems, enterprise applications, and public clouds.
Creating a cyber-secure workforce requires each company to manage its people, processes, and controls for enforcing these procedures. Gathering buy-in for cyber-secure practices should be a process that involves all levels of employees, with everyone taking responsibility for the ways that they can reduce the risks of security breach.
You can read the full article here.
Hikvision Proactive About Cybersecurity, Overviews Spear Phishing
Hikvision takes cybersecurity very seriously, and has been proactive in its cybersecurity efforts by establishing a cybersecurity hotline and offering partners an online Cybersecurity Center with firmware updates. Security Sales & Integration referenced Hikvision’s efforts, calling the company among the most proactive in the cybersecurity realm in this article.
In an effort to establish best practices and educate employees and partners, Hikvision’s cybersecurity director, Chuck Davis, has authored several blogs about preventing malware cyberattacks, tips to protect yourself online, network security and segmentation. His most recent blogs series is two parts about spear phishing, a special kind of phishing attack. Click here to read part one, “Hikvision Cybersecurity Director Discusses Spear Phishing,” and here for part two.