Cyber must evolve

Cyber must evolve

We all know the cybersecurity landscape is an ever-changing one. So how often should organisations review their cybersecurity strategy? If it’s a question that hasn’t been asked in a while, chances are that in this world of constant threat, you’re probably at risk, says Paul German, pictured, CEO at Certes Networks.


For despite the near constant stream of data breaches making headlines, far too many organisations insist their current cybersecurity model is good enough. However, the contrary holds true. Quite simply, if any of the statements below apply to your business, then it’s arguable that cybersecurity confidence is actually misplaced complacency.


We haven’t been hacked before, and I know where my organisation’s critical or sensitive data is at all times. Why change something that’s working today?


No business can ever be 100 per cent sure where its data is or that it hasn’t been compromised in transit. Failure to recognise this issue is a board-level responsibility.


We tick the boxes when it comes to GDPR, PCI DSS, HIPAA (and other regulations) so my organisation is secure. No company that has met their compliance requirements has ever been hacked, right?


Taking a compliance-led approach to securing customer data will cause a fundamental vulnerability within the cybersecurity infrastructure, simply waiting for hackers to exploit. Compliance is important, clearly, but it should be a subset of the overall, continuously evolving security strategy, rather than an end-point goal in itself. Organisations are understandably concerned about the financial penalties associated with failing to achieve regulatory compliance. But take a step back and consider the financial implications of a data breach, of high profile customer data compromise. That is a far more significant ..

Support the originator by clicking the read the rest link below.