News

Updating security plans: Traditional approaches outdated

Recent industry research shows that today's businesses are lacking when it comes to cybersecurity, leveraging outdated approaches that are no longer effective in the current threat environment.

According to findings of Robert Half Technology's IT Leaders' Roundtable event, enterprises that are not working to update and improve their data protection strategies are putting themselves at risk of considerable harm to their finances and brand reputation. The main issue in many groups is a lack of communication among company leaders and the IT department. Although technology workers may be aware of the security threats currently affecting the enterprise sector, if decision-makers are not notified, it will be difficult for firms to protect themselves. Furthermore, even when administrators do know about security risks, they may have a skewed view on deploying protection.

"While boards of directors are aware of the risks associated with cybercrime, partly because of recent high profile attacks in the news and partly because of guidance from GCHQ and other government bodies, they tend to view expenditure on measures to tackle cybercrime as overheads, rather than risk mitigation," Robert Half Technology stated.

However, by demonstrating how a breach can affect a company, employees can make a strong business case for updating the enterprise's cybersecurity strategy. Security expert Ryan Rubin noted that traditional approaches currently in place in many organizations need to be shifted to better protect the group and reduce the risk of attack.

"The average cost of a data breach is $250 per record - and there are mounting expectations that a company will do something for customers whose information have been compromised," Rubin said. "As well as reputational damage, companies can face costs that escalate very quickly."

Steps to update cybersecurity plans
Once administrators understand the significant importance of reworking the firm's security plans, the organization can take steps to bring their traditional plans into the future.

Deloitte suggested leveraging a "defense-in-depth" strategy that includes being aware of current threats, industry standards and risk controls.

"Based on leading practices,...firms can build a "defense-in-depth" approach to address known and emerging threats," Deloitte stated. "This involves a number of mutually reinforcing security layers both to provide redundancy and potentially slow down the progression of attacks in progress, if not prevent them."

Keeping this advice in mind, organizations should implement a layered security model that includes a variety of protection measures. For example, databases containing sensitive information should be doubly safeguarded against unauthorized access through the deployment of authentication credentials and encryption. In this way, even if a hacker is able to sidestep password protection, they won't be able to decipher the content. These measures also bolster the computer security throughout the company. 

Administrators should also look to update their website security measures to better protect their customers. An SSL certificate should be in place to ensure that payment and other sensitive data is kept safe. There are several different types of SSL certificates that provide a range of protections, and a trusted certificate authority can help an enterprise choose the best one to meet their needs.

Protect data in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

Buy now! Try now!