What Should Be Secured? I recently attended an IT security conference in Chicago and the keynote speaker’s address reminded me that IT people and business owners often have different views on what are your company’s assets and what constitutes adequate security. Dave Stelzl, author of The House & the Cloud, simplified the security model for business by comparing a business’s security to a home. We “Protect” our home with doors, windows, locks, and fences. However, we all know that these security measures do little to stop a determined or skilled burglar. The next ingredient is the ability to “Detect” a security breach. In a home we put in alarm systems, motion detectors, subscribe to monitoring services and support neighborhood crime watch groups. Finally, the most important provision of the security model is the “Response.” We have a dog that will bite the thief, some people will have a gun ready for intruders, others rely on the police to respond and others purchase insurance to replace lost items and repair any damage. Using the house as your business scenario you must ask three questions.
Your IT Department may do a great job of “Protecting” the physical assets of your company and your network. However, threats today are more likely to target the real assets of your business, the identity information you have collected on your employees, customers, and clients, intellectual assets you may possess, or links to outside assets – bank accounts or credit card information. NBC recently ran a news series and showed that a single personal identity with credit card information could be sold via the internet for $5. TJ Maxx, the retailer, reported a breach of over 40 million credit card accounts. Multiply that number by $5 and do the math. Identity theft is big business. Who or what is at risk when your company is exposed to an identity theft? The business itself, its owners, and principals are all at risk. Even if the depth of the TJ Maxx exposure is not as great as reported, can your company survive the bad press generated, even if a retraction follows? No one can guarantee 100% security. A firewall alone is no longer adequate protection. Unified Threat Management Devices (UTM) are now common and should be the basis for security protection. Written company policies regarding the internet, email, and the use of company information should be implemented and reinforced to every employee. Threats are not just external. Disgruntled employees and other internal attacks still account for a majority of the IT security incidents. So when you take a close look at your company and its valuable assets ask the three questions above and see if you can live with your answers |
UPCOMING VIRTUAL EVENTS
Demystifying Cyber Security for SMBs
The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.
SESSION 4: Cyber Security Strategy
Watch On-Demand
SESSION 5: Cyber Insurance & MFA
Watch On-Demand
SESSION 6: Threat Detection | JAN. 15
Microsoft Copilot
Master Class Workshop
eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.
In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.
RESOURCES
Cyber Security Awareness Hub
Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.
We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.
Resource Library
Insights to help you do what you do better, faster and more profitably.
> Tips to Stay Protected Against Phishing Attacks
> Understanding Ransomware
> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them
> Practical Advice for Avoiding Phishing Emails
NEWSLETTER
"*" indicates required fields