There was a time when credit card companies were considered to be the primary targets for cyberattacks. But as the financial gains from those exploits have decreased, cyberattackers have adjusted their approach to include a wider array of targets. In recognition of the fact that every company in every industry is now susceptible, and in fact likely to be attacked, it’s common for companies of every size to have some kind of cybersecurity plan in place. While the specifics of such security plans may vary, here are three of the most widely adopted strategies.
1. C-suite involvement
The protection of company assets is no longer the domain of a few people in IT. According to a recent survey report by PricewaterhouseCooper, more than half of the companies that responded employ a chief information security officer (CISO). This seat at the table means senior management in all departments is likely to have an informed view of potential risks and of what is and can be done to safeguard key information. In addition, company board members are taking an increasingly active interest in security activities, which has some effect on budget allocations.
2. Cloud-based cybersecurity
Security as a service is used increasingly for many of the same reasons any cloud-based service is used. Cloud services can bring expert teams together and apply their work to multiple customers, thus lowering the cost for any individual customer. In the security realm, threats are common to multiple targets, so the practice of applying security expertise, software, and protection systems is particularly effective in gathering and applying intelligence quickly. As a result, each customer’s company receives top-quality protection without the expense of maintaining it themselves.
Sharing experience and information about security issues is increasingly popular and is effective in reducing the impact of cyberbreaches. Unlike collaboration involving products or strategies, companies within the same industries are finding that when they share information about their own security issues and processes, they are better able to protect themselves. Participating companies gain the advantage of knowing about breaches that may affect their own systems and are able to take appropriate actions early. In addition, collaboration with law enforcement and government agencies delivers the same kinds of advantages on a larger scale.
Cybersecurity is a top concern as companies invest in new technologies and increasingly make use of data to advance their goals. As cloud computing is leveraged to improve performance and speed innovation, it has become the focus of data thieves. Fortunately, the big data and analytic technology delivering business insight is also put to use protecting companies and their data. Cloud-based services along with enterprise-wide awareness of the risks and need for protection are becoming the best available measures to grow and thrive in the face of increasing cyberthreats.
Scott Koegler is a technology journalist with a specialization on the intersection of business and technology. All opinions are his own. AT&T has sponsored this blog post.