SlideShare a Scribd company logo

Cybersecurity-2013

J
Jennie Hwang
1 of 2
Download to read offline
56 SMT Magazine • July 2013 We are living in a digital world. The digital world is characterized by big data, social me- dia, mobile-gaming, Internet communication, cloud computing and ultra-connectivity. As a result, we benefit immensely from various new tools and vast information flow, which were not available as recent as just 25 years ago. Re- gardless of which industry we serve and which capacity we hold, we are now working in the cyberspace. Cyberspace is changing the way we do business and every aspect of our lives. Living in this global network of computers also comes with new demands and challenges. As data has become a new asset of the digital world, various incidents of cyber attacks and ex- tortion attempting to take data as hostage have occurred. For example, when a company’s com- puter system is broken into, its access codes and passwords are then changed and its customers are locked out of its own system, and a ransom is demanded. This could be triggered by an in- sider (employee) or an outsider (hacker in any locale). Futher, a cyber thief could just simply steal the corporate secrets or confidential and proprietary information, and then demand a ransom. Cyber attacks are and will continue to be a huge concern to U.S. corporations in the foreseeable future. It’s a matter of when, not if. It is not industry-specific and every compa- ny will have to deal with this challenge. The earlier preparation is made, the better a com- pany is positioned to fend off the attack. The most insidious nature of cyber attack is that it could happen with ease anywhere, anytime, without physical boundaries and across nation- al borders. In the recent decade, there have been an in- creasing number of computers being compro- mised with malware and corporate IT systems being breached. A company from the board- room to the factory floor including each of the employees must work in tandem. For corporate directors, this creates a new dimension in board- by Dr. Jennie S. Hwang CEO, H-Technologies Group SMT perspectives and prospects column Cyber Security: From Boardroom to Factory Floor 56 SMT Magazine • July 2013
58 SMT Magazine • July 2013 room oversight. So how do we tackle this new dimension and what is the proper board over- sight so that the company can prevent, mitigate and detect the risks of cyber attacks and cyber extortion? What should employees be aware of and how do they execute each of the tactics to avoid becoming a victim individually or collec- tively? As digital technology continues to advance and the cyber landscape is still evolving, IT op- erating systems, firewalls and security software are not perfect at any point in time. Hackers of every nationality are working relentlessly to at- tack their targets and poke holes. Avoiding Victimization: As a Company or an Individual Employee In my view, there is not a panacea. Nonethe- less, a company needs to establish a robust sys- tem coupled with good cyber practice through a two-prong strategy, which should be embedded with multiple lines of defense and deterrents. The following two-prong strategy intently em- braces both mitigation and crisis management: • Mitigating strategy is to avoid becoming a victim • Crisis management strategy is to react and manage the attack if it occurs A company must cultivate what I call a cy- ber culture. The effort is to make a cyber attack as difficult and strenuous as can be so that the corporate operating and network system is far away from being the low-hanging fruit. Under a savvy and diligent board oversight, a cyber culture can be cultivated over time with persistent and pervasive effort by considering the following 20 actionable items. 1. Implement clear and consistent written policies and rules in the use of company com- puter and data systems 2. Provide employee awareness training 3. Establish a well-informed workforce 4. Encourage employees to observe and de- tect unusual attempts to gain access 5. Monitor unusual attempts by artificial in- telligence detect system (in-house or via a third party) 6. Install quality and current antivirus and malware software 7. Update browsers and operating systems 8. Understand the likely “holes” of software 9. Pay attention to both software and its configuration 10. Perform firewall, antivirus, network vul- nerability testing 11. Perform regular computer security re- view 12. Perform security audits 13. Implement computer access control 14. Implement physical access deterrents 15. Consider, when appropriate, cyber secu- rity insurance against sensitive data breaches, hacking, sabotage, and other cyber-vulnerable incidents 16. Observe cyber security standards when applicable 17. Exercise a need-to-know policy 18. Nurture a positive working environment 19. Practice a company-wide, performance- based reward system 20. Keep pace with emerging technologies How about the incurring cost? Yes, we should be mindful about the cost related to upkeep cy- ber security. It takes an astute balancing act to implement sufficient control with acceptable cost while avoiding operational impediments. Under today’s environment, lack of awareness and unpreparedness is the most precarious posi- tion a company can put itself in. In short, be prepared with current knowl- edge, updated know-how and a living strategy to counter this insidious corporate risk. SMT smt perspectives and prospects Dr. Jennie Hwang is CEO of H-Technology Group and a pioneer and long-standing con- tributor to SMT manufacturing since its inception. She is the author of 350+ publications and several textbooks, and an inter- national speaker and author on trade, busi- ness, education, and social issues. To read past columns or contact Dr. Hwang, click here, or phone (216) 577-3284. cyber security: from boardroom to factory floor continues

Recommended

Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceDarren Argyle
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Cyber Secuirty Visualization
Cyber Secuirty VisualizationCyber Secuirty Visualization
Cyber Secuirty VisualizationDoug Cogswell
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best PracticesEvolve IP
 
IT Security for Nonprofits
IT Security for NonprofitsIT Security for Nonprofits
IT Security for NonprofitsCommunity IT Innovators
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
Cybersecurity report
Cybersecurity reportCybersecurity report
Cybersecurity reportKevin Leffew
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Citrin Cooperman
 

Recommended

Shift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceShift Toward Dynamic Cyber Resilience
Shift Toward Dynamic Cyber ResilienceDarren Argyle
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Cyber Secuirty Visualization
Cyber Secuirty VisualizationCyber Secuirty Visualization
Cyber Secuirty VisualizationDoug Cogswell
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best PracticesEvolve IP
 
IT Security for Nonprofits
IT Security for NonprofitsIT Security for Nonprofits
IT Security for NonprofitsCommunity IT Innovators
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
Cybersecurity report
Cybersecurity reportCybersecurity report
Cybersecurity reportKevin Leffew
 
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19
Not-For-Profit Cybersecurity and Privacy Disrupters During COVID-19Citrin Cooperman
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnKloudLearn
 
Cyber Security Lessons from the NSA
Cyber Security Lessons from the NSACyber Security Lessons from the NSA
Cyber Security Lessons from the NSACipherCloud
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 
Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016Niran Seriki, CCISO, CISM
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistancePaul-Charife Allen
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 DaysResilient Systems
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceCollege Development Network
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceNational Retail Federation
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?PECB
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016DWP Information Architects Inc.
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approachesvngundi
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Matthew Rosenquist
 
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire
 
Cognitive Security Case Study
Cognitive Security Case StudyCognitive Security Case Study
Cognitive Security Case StudyCredo Ventures
 
CRI Cyber Board Briefing
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing OCTF Industry Engagement
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Securityinside-BigData.com
 
Threat Modelling And Threat Response
Threat Modelling And Threat ResponseThreat Modelling And Threat Response
Threat Modelling And Threat ResponseVivek Jindaniya
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security RiskMurray Security Services
 
Canada goose-South Korean opportunity
Canada goose-South Korean opportunityCanada goose-South Korean opportunity
Canada goose-South Korean opportunityAnkur Mukherjee
 
Canada Goose Inc.
Canada Goose Inc.Canada Goose Inc.
Canada Goose Inc.Argha Ray
 

More Related Content

What's hot

Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnKloudLearn
 
Cyber Security Lessons from the NSA
Cyber Security Lessons from the NSACyber Security Lessons from the NSA
Cyber Security Lessons from the NSACipherCloud
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 
Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016Niran Seriki, CCISO, CISM
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistancePaul-Charife Allen
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 DaysResilient Systems
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceCollege Development Network
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceNational Retail Federation
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?PECB
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approachesvngundi
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Matthew Rosenquist
 
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire
 
Cognitive Security Case Study
Cognitive Security Case StudyCognitive Security Case Study
Cognitive Security Case StudyCredo Ventures
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Securityinside-BigData.com
 
Threat Modelling And Threat Response
Threat Modelling And Threat ResponseThreat Modelling And Threat Response
Threat Modelling And Threat ResponseVivek Jindaniya
 

What's hot (20)

Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - Kloudlearn
 
Cyber Security Lessons from the NSA
Cyber Security Lessons from the NSACyber Security Lessons from the NSA
Cyber Security Lessons from the NSA
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber Security
 
Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016Cyber security resilience ESRM Conference Amsterdam 2016
Cyber security resilience ESRM Conference Amsterdam 2016
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistance
 
New CISO - The First 90 Days
New CISO - The First 90 DaysNew CISO - The First 90 Days
New CISO - The First 90 Days
 
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your ServiceVirtual Bridge Sessions: The National Cyber Security Centre at Your Service
Virtual Bridge Sessions: The National Cyber Security Centre at Your Service
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business Experience
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015
 
Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016
 
Cyber Security Strategies and Approaches
Cyber Security Strategies and ApproachesCyber Security Strategies and Approaches
Cyber Security Strategies and Approaches
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
 
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and OverviewTripwire University: Cyberwar Boot Camp – Introduction and Overview
Tripwire University: Cyberwar Boot Camp – Introduction and Overview
 
Cognitive Security Case Study
Cognitive Security Case StudyCognitive Security Case Study
Cognitive Security Case Study
 
CRI Cyber Board Briefing
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Security
 
Threat Modelling And Threat Response
Threat Modelling And Threat ResponseThreat Modelling And Threat Response
Threat Modelling And Threat Response
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security Risk
 

Viewers also liked

Canada goose-South Korean opportunity
Canada goose-South Korean opportunityCanada goose-South Korean opportunity
Canada goose-South Korean opportunityAnkur Mukherjee
 
Canada Goose Inc.
Canada Goose Inc.Canada Goose Inc.
Canada Goose Inc.Argha Ray
 
Consumer&business buying behavior
Consumer&business buying behaviorConsumer&business buying behavior
Consumer&business buying behaviorManish Parihar
 
Chapter 4: Business Buying Behavior
Chapter 4: Business Buying BehaviorChapter 4: Business Buying Behavior
Chapter 4: Business Buying Behaviortjamisonedu
 
Business buying behaviour
Business buying behaviourBusiness buying behaviour
Business buying behaviourOsmawati Osman
 
CHANEL brand analyses presentation
CHANEL brand analyses presentationCHANEL brand analyses presentation
CHANEL brand analyses presentationHimel Hawlader
 
Marketing Strategy Analysis Apple iPhone
Marketing Strategy Analysis Apple iPhoneMarketing Strategy Analysis Apple iPhone
Marketing Strategy Analysis Apple iPhoneMKTGatHPU
 
Marketing Mix of Apple iPhone
Marketing Mix of Apple iPhoneMarketing Mix of Apple iPhone
Marketing Mix of Apple iPhonePratik Shah
 
Pricing Ppt
Pricing PptPricing Ppt
Pricing Pptsid30
 
PPT on pricing strategies
PPT on pricing strategiesPPT on pricing strategies
PPT on pricing strategiesITC Limited
 
Marketting mix ppt
Marketting mix pptMarketting mix ppt
Marketting mix pptabhishek2406
 

Viewers also liked (15)

Canada goose-South Korean opportunity
Canada goose-South Korean opportunityCanada goose-South Korean opportunity
Canada goose-South Korean opportunity
 
Canada Goose Inc.
Canada Goose Inc.Canada Goose Inc.
Canada Goose Inc.
 
Marketing mix final ppt
Marketing mix final pptMarketing mix final ppt
Marketing mix final ppt
 
Consumer&business buying behavior
Consumer&business buying behaviorConsumer&business buying behavior
Consumer&business buying behavior
 
Chapter 4: Business Buying Behavior
Chapter 4: Business Buying BehaviorChapter 4: Business Buying Behavior
Chapter 4: Business Buying Behavior
 
Marketing mix apple_iphone
Marketing mix apple_iphoneMarketing mix apple_iphone
Marketing mix apple_iphone
 
Business buying behaviour
Business buying behaviourBusiness buying behaviour
Business buying behaviour
 
CHANEL brand analyses presentation
CHANEL brand analyses presentationCHANEL brand analyses presentation
CHANEL brand analyses presentation
 
Marketing Strategy Analysis Apple iPhone
Marketing Strategy Analysis Apple iPhoneMarketing Strategy Analysis Apple iPhone
Marketing Strategy Analysis Apple iPhone
 
Marketing Mix of Apple iPhone
Marketing Mix of Apple iPhoneMarketing Mix of Apple iPhone
Marketing Mix of Apple iPhone
 
Pepsi marketing mix
Pepsi marketing mixPepsi marketing mix
Pepsi marketing mix
 
Pricing Ppt
Pricing PptPricing Ppt
Pricing Ppt
 
Coca cola 4 p s
Coca cola 4 p sCoca cola 4 p s
Coca cola 4 p s
 
PPT on pricing strategies
PPT on pricing strategiesPPT on pricing strategies
PPT on pricing strategies
 
Marketting mix ppt
Marketting mix pptMarketting mix ppt
Marketting mix ppt
 

Similar to Cybersecurity-2013

The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowDharmendra Rama
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internetaccenture
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internetaccenture
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilienceSymantec
 
Ten Security Essentials for CIOs
Ten Security Essentials for CIOsTen Security Essentials for CIOs
Ten Security Essentials for CIOsIBM Security
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdSusan Darby
 
BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023CBIZ, Inc.
 
What The Cyber Entails-2.pdf
What The Cyber Entails-2.pdfWhat The Cyber Entails-2.pdf
What The Cyber Entails-2.pdfChinatu Uzuegbu
 
Cyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptxCyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptxAhad
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assetscyberprosocial
 
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdfThe Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdfAhad
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalCMR WORLD TECH
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiebuc
 
Ciso organizational priorities to build a resilient bimodal it
Ciso organizational priorities to build a resilient bimodal itCiso organizational priorities to build a resilient bimodal it
Ciso organizational priorities to build a resilient bimodal itChandra Sekhar Tondepu
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations centerCMR WORLD TECH
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemAustin Eppstein
 
The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.Merry D'souza
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 

Similar to Cybersecurity-2013 (20)

The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdow
 
Cyber threat forecast 2018..
Cyber threat forecast 2018..Cyber threat forecast 2018..
Cyber threat forecast 2018..
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the InternetSecuring the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
 
Ten Security Essentials for CIOs
Ten Security Essentials for CIOsTen Security Essentials for CIOs
Ten Security Essentials for CIOs
 
Cyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sdCyber Resilience white paper 20160401_sd
Cyber Resilience white paper 20160401_sd
 
BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023
 
What The Cyber Entails-2.pdf
What The Cyber Entails-2.pdfWhat The Cyber Entails-2.pdf
What The Cyber Entails-2.pdf
 
16231
1623116231
16231
 
Cyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptxCyber threat Intelligence Dubai - Ahad.pptx
Cyber threat Intelligence Dubai - Ahad.pptx
 
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital AssetsDefensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
Defensive Cybersecurity: A Modern Approach to Safeguarding Digital Assets
 
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdfThe Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
The Unconventional Guide to Cyber Threat Intelligence - Ahad.pdf
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digital
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspekti
 
Ciso organizational priorities to build a resilient bimodal it
Ciso organizational priorities to build a resilient bimodal itCiso organizational priorities to build a resilient bimodal it
Ciso organizational priorities to build a resilient bimodal it
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations center
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystem
 
The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 

Cybersecurity-2013

  • 1. 56 SMT Magazine • July 2013 We are living in a digital world. The digital world is characterized by big data, social me- dia, mobile-gaming, Internet communication, cloud computing and ultra-connectivity. As a result, we benefit immensely from various new tools and vast information flow, which were not available as recent as just 25 years ago. Re- gardless of which industry we serve and which capacity we hold, we are now working in the cyberspace. Cyberspace is changing the way we do business and every aspect of our lives. Living in this global network of computers also comes with new demands and challenges. As data has become a new asset of the digital world, various incidents of cyber attacks and ex- tortion attempting to take data as hostage have occurred. For example, when a company’s com- puter system is broken into, its access codes and passwords are then changed and its customers are locked out of its own system, and a ransom is demanded. This could be triggered by an in- sider (employee) or an outsider (hacker in any locale). Futher, a cyber thief could just simply steal the corporate secrets or confidential and proprietary information, and then demand a ransom. Cyber attacks are and will continue to be a huge concern to U.S. corporations in the foreseeable future. It’s a matter of when, not if. It is not industry-specific and every compa- ny will have to deal with this challenge. The earlier preparation is made, the better a com- pany is positioned to fend off the attack. The most insidious nature of cyber attack is that it could happen with ease anywhere, anytime, without physical boundaries and across nation- al borders. In the recent decade, there have been an in- creasing number of computers being compro- mised with malware and corporate IT systems being breached. A company from the board- room to the factory floor including each of the employees must work in tandem. For corporate directors, this creates a new dimension in board- by Dr. Jennie S. Hwang CEO, H-Technologies Group SMT perspectives and prospects column Cyber Security: From Boardroom to Factory Floor 56 SMT Magazine • July 2013
  • 2. 58 SMT Magazine • July 2013 room oversight. So how do we tackle this new dimension and what is the proper board over- sight so that the company can prevent, mitigate and detect the risks of cyber attacks and cyber extortion? What should employees be aware of and how do they execute each of the tactics to avoid becoming a victim individually or collec- tively? As digital technology continues to advance and the cyber landscape is still evolving, IT op- erating systems, firewalls and security software are not perfect at any point in time. Hackers of every nationality are working relentlessly to at- tack their targets and poke holes. Avoiding Victimization: As a Company or an Individual Employee In my view, there is not a panacea. Nonethe- less, a company needs to establish a robust sys- tem coupled with good cyber practice through a two-prong strategy, which should be embedded with multiple lines of defense and deterrents. The following two-prong strategy intently em- braces both mitigation and crisis management: • Mitigating strategy is to avoid becoming a victim • Crisis management strategy is to react and manage the attack if it occurs A company must cultivate what I call a cy- ber culture. The effort is to make a cyber attack as difficult and strenuous as can be so that the corporate operating and network system is far away from being the low-hanging fruit. Under a savvy and diligent board oversight, a cyber culture can be cultivated over time with persistent and pervasive effort by considering the following 20 actionable items. 1. Implement clear and consistent written policies and rules in the use of company com- puter and data systems 2. Provide employee awareness training 3. Establish a well-informed workforce 4. Encourage employees to observe and de- tect unusual attempts to gain access 5. Monitor unusual attempts by artificial in- telligence detect system (in-house or via a third party) 6. Install quality and current antivirus and malware software 7. Update browsers and operating systems 8. Understand the likely “holes” of software 9. Pay attention to both software and its configuration 10. Perform firewall, antivirus, network vul- nerability testing 11. Perform regular computer security re- view 12. Perform security audits 13. Implement computer access control 14. Implement physical access deterrents 15. Consider, when appropriate, cyber secu- rity insurance against sensitive data breaches, hacking, sabotage, and other cyber-vulnerable incidents 16. Observe cyber security standards when applicable 17. Exercise a need-to-know policy 18. Nurture a positive working environment 19. Practice a company-wide, performance- based reward system 20. Keep pace with emerging technologies How about the incurring cost? Yes, we should be mindful about the cost related to upkeep cy- ber security. It takes an astute balancing act to implement sufficient control with acceptable cost while avoiding operational impediments. Under today’s environment, lack of awareness and unpreparedness is the most precarious posi- tion a company can put itself in. In short, be prepared with current knowl- edge, updated know-how and a living strategy to counter this insidious corporate risk. SMT smt perspectives and prospects Dr. Jennie Hwang is CEO of H-Technology Group and a pioneer and long-standing con- tributor to SMT manufacturing since its inception. She is the author of 350+ publications and several textbooks, and an inter- national speaker and author on trade, busi- ness, education, and social issues. To read past columns or contact Dr. Hwang, click here, or phone (216) 577-3284. cyber security: from boardroom to factory floor continues