BreachExchange mailing list archives

Asking these 4 questions will stop up to 90% of hacks


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 13 Oct 2015 18:16:42 -0600

http://fortune.com/2015/10/13/four-steps-to-stop-hacks/

Think you don’t have to worry about cybersecurity? Think again.

“You don’t think you have this problem? You have this problem,” said Jane
Holl Lute, CEO of the Center for Internet Security, at an eye-opening panel
at Fortune’s Most Powerful Women Summit in Washington, D.C. on Tuesday.
“We’re all on the same internet, facing the same problems.”

Globally, there were more than 40 million cyber attacks on businesses last
year, up nearly 50% from 2013. What’s more, the opportunities for hackers
and other bad actors will only grow. Helen Greiner, CEO of drone-maker
CyPhy Works, reminded the MPW audience that drone deliveries and driverless
cars are on the horizon. “Imagine if they are hacked,” she said.

The possibilities are frightening, but there’s no reason to panic.
According to Lute, following the four basic steps of cyber security
“hygiene” can head off up to 90% of attacks. All companies and
organizations should ask themselves the following questions, she advised:

1. Do we know what is connected to our network? (“The answer is usually
no,” said Lute.)

2. Do we know what’s running—or trying to run—on our networks?

3. Do we properly manage the people who have administrative permission to
wander around our network? This includes ensuring that employees and
administrators are not sharing passwords. (“Would you share your
toothbrush?” asked Lute. “Please say, ‘no.’”)

4. Do we have an automatic system that continuously monitors our network?

If the answer to any of the above is a negative, your team should
immediately take all required steps to get to “yes.”

Paula Tolliver, corporate VP of Dow Chemical Company, agreed
that these steps are vitally important and noted that companies sometimes
make the mistake of investing significant money in other technologies to
help defend against cyber attacks before focusing on good hygiene and
understanding their own unique threat landscape. “Get the fundamentals
right—then advance your tech,” she said.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/