Are You Thinking About Cybersecurity The Right Way?
In today’s business environment, there is a tendency for executives and board members to categorize things into handy buckets—it is human nature. They often think of cybersecurity as an IT issue, but that is the wrong way of thinking. Cybersecurity is really a risk issue. Today, Data is the lifeblood of every business.
Any type of data breach or computer hack has the potential to disrupt your business by impacting your brand and creating risk for your organization. Not only can the failure to protect client data result in a breach of trust with the general public, it can also come with financial penalties arising out of privacy regulations such as HIPAA, GDPR, and Sarbanes Oxley.
While it may be effective and reliable, a company’s IT department is not necessarily thinking about cybersecurity from a revenue, brand, and risk standpoint.
Instead, the most appropriate place to discuss cybersecurity is at the board and C-suite level. Sure, boards and C-suites are now asking more questions about cybersecurity, but you cannot delegate this risk; a business needs to look at cybersecurity as a risk to the organization as a whole.
Businesses that are part of a supply chain and businesses that have moved to a work from home model are increasingly coming under scrutiny for how they are protecting information as well. If you want to create strategic differentiators, you need to show you can protect not only your data, but also that of your supply chain.
You may already require your supply chain to implement certain mandates. But what about their subcomponent manufacturers and others they do business with?
THE FOUR PILLARS OF CYBERSECURITY
Cybersecurity should focus on data protection at the edge, and look at the most vulnerable cyberattack entry points—the devices people use every day, such as laptops, desktops, tablets and smartphones.
At MCPc we help organizations dramatically minimize their risk of disruption from inefficiencies in their people and systems, or unforeseen events like cyber-attacks or economic downturns. Our dedication is to help every client achieve SecurityCertaintySM through our industry leading protocol, Chain-of-Custody Security SolutionSM, we provide clients with holistic, real-time defense of the most vulnerable cyber-attack surfaces – every smartphone, tablet, laptop, desktop, and IoT connected device businesses use every day.
We divide what we do into four pillars that represent the phases of a device’s lifecycle:
1. Secure Technology Logistics
We help our clients acquire the right technology, at the right value, configured the right way, delivered at the right time, optimize performance, user experience, supportability, spend, and hardened with the right security to thwart the threats of today and tomorrow.
Our services improve end user productivity, reduce cost, enhance security, and optimize the IT supply chain through modern IT lifecycle management. For us security is built-in, not bolted-on.
2. Security Risk Management
We holistically improve the security and financial well-being of our clients by integrating best in class software with top tech talent to provide unsurpassed security risk management solutions to protect our clients most vulnerable cyber attack devices – every smartphone, tablet, laptop, desktop and IoT device businesses use every day.
For the lifetime that data is on a device, it has to be protected. We send a healthy device out into the world but sometimes the world has other intentions. And, as frameworks and regulations change, we’re able to remotely update security levels.
One of the first things we tackle is basic cyber hygiene. The most common reason for successful breaches is a user clicking on something they should not have. As consumers of technology, collectively, we are not practicing proper cyber hygiene. Indeed, it takes an average of 102 days to patch known vulnerabilities “2018 State of Endpoint Security Risk.” Ponemon Institute. Another component of basic cyber hygiene is malware detection or virus scans. We find that most organizations struggle to identify what assets they have, where they are, and what is the state of their cyber hygiene.
3. Secure Technology Asset Disposition
Data on retired devices will never die unless there is a disciplined and documented effort to eradicate it. By the end of its life, that device, the data stored on it, and its ability to access your data center makes it very valuable to hackers.
The purpose of our Asset Disposition centers is designed to reduce risk, manage compliance and optimize the total cost of IT ownership through specific attention to: Security, Sustainability, and Asset Value Intelligence. If the device still has usable life, we will wipe it clean and provide a Certificate of Data Destruction, then return that device to the client or remarket it returning cash to the client. If there is no residual value left, we will safely dismantle the device and recycle it. We have a stringent 100% data destruction and 0% landfill policy, so everything goes back into use to create the next generation of technology.
4. IT Asset Management
Through the life cycle of data and the devices it lives on we impose an IT asset management multidimensional relational database. This provides visibility to a comprehensive range of IT enabled assets both on and off-network to protect data, maintain compliance, and optimize technology spend– helping organizations minimize risk and identify areas to significantly save on technology costs.
Organizations are able to see exactly where their data exists, on what device it resides, who has access to that data, and if and how it is protected.
Data is the new oil. It runs the engine of business. It is the thing everyone wants, and it is easy for hackers to get. Therefore, we need to be vigilant and protect it.
How certain are you that your data is protected?
Originally published on: https://www.rims.org/
Updated on: 06/18/2020