7 ceo cybersecurity actions - cyber security tips and tricks

Here are 7 cyber security tips CEOs can use right now to protect their data and their networks:
Implement a culture of tight cybersecurity.
Good bank managers consistently emphasize the bank’s security policies; CEOs can do the same. In many companies this will represent a true cultural shift and it will be hard. It must begin at the top and must be enforced at every level within the organization.
Don’t take it from me.
According to a PwC report, almost half of boards still view cybersecurity as an IT matter rather than an enterprise-wide risk issue.
Ban USB flash drives.
But isn’t this too hard to do? Not really. The Department of Defense has banned them for years. Not only has the DoD banned flash drives, it has alarm systems in place and tracks and reports use violations.
These ubiquitous devices can carry viruses and other malware. Additionally, because they are easy to conceal and can store huge amounts of data, they are great tools for cybercriminals.
I’ve lived without flash drives for the past 7 years and it’s hard for me to imagine they’re still around.
Get serious about passwords.
Here are the top seven passwords according to Lifehacker:
123456
password
12345
12345678
qwerty
123456789
1234
Sad.
Implement a password policy, inspect it, and enforce it. Passwords should be 12 characters and include upper- and lowercase letters, numbers and special characters. There’s a plethora of websites devoted to how to build a strong password and, just as importantly, how to remember it.
Re-certify every email account.
Require that it be done in person and with a valid ID. Pick a date 30 days from now and lock uncertified accounts after that date. An additional 30 days later, delete uncertified accounts. Simple, and it closes avenues of approach for cybercriminals.
Implement mandatory information assurance training.
OK, I don’t like this one any more than you do, but it works and, more importantly, it helps establish the culture. Be the first to take the training and mandate your senior executives do the same. Lock accounts of those who don’t complete the training in a timely manner.
Track and monitor software patch implementation.
Software patches do more than fix glitches in the software; they’re designed to protect you from the latest malware. Get ’em done.
Limit access to your most valuable data.
Make it hard to see. Did Private Manning really need access to hundreds of thousands of U.S. diplomatic cables? Was it essential Edward Snowden have access to a million classified files? True, history and human nature indicate we may never eliminate the insider threat, but we do have the ability to limit what’s taken.
Implement these policies.
Today. Got more ideas? Join the conversation and let’s hear them.
In collaboration with Julia Nash

Published in: Business

  1. 7 CEO CYBERSECURITY ACTIONS
  2. 1. IMPLEMENT A CULTURE OF TIGHT CYBERSECURITY
  3. PWC 2015 REPORT: 50% OF BOARDS SEE IT AS AN I.T. ISSUE
  4. IT'S NOT. IT'S A CEO ISSUE!
  5. 2. BAN USB THUMB DRIVES
  6. TOO HARD? DEPARTMENT OF DEFENSE BANNED THEM IN '07
  7. USB CARRY VIRUSES AND MALWARE
  8. HARD TO BELIEVE THEY STILL EXIST
  9. I HAVEN'T USED ONE FOR 9 YEARS
  10. 3. GET SERIOUS ABOUT PASSWORDS
  11. TOP 7 PASSWORDS IN 2015: 123456, password, 12345, 12345678, qwerty, 123456789, 1234
  12. SAD
  13. IMPLEMENT, INSPECT & ENFORCE A REAL PASSWORD POLICY
  14. 14 CHARACTERS: SPECIAL CHARACTERS, NUMBERS, CAPITAL LETTERS, ETC.
  15. CHANGE THEM AT LEAST EVERY 90 DAYS
  16. 4. RE-CERTIFY EVERY EMAIL ACCOUNT
  17. DO IT AT LEAST SEMI-ANNUALLY
  18. 5. MANDATORY INFORMATION ASSURANCE TRAINING
  19. TRAINING MAY BE UNPOPULAR BUT IT'S EFFECTIVE
  20. 6. TRACK & MONITOR SOFTWARE PATCH IMPLEMENTATION
  21. PATCHES CLOSE BACK DOORS AND PROVIDE UPDATES FOR LATEST THREATS
  22. 7. LIMIT ACCESS TO MOST SENSITIVE DATA
  23. WHY DID MANNING & SNOWDEN HAVE SO MUCH ACCESS?
  24. 7 CEO ACTIONS: Implement culture; Ban USBs; Serious passwords; Re-certify accounts; Mandatory training; Track patches; Limit access
  25. Do it TODAY