Stay Focused on Cybersecurity Due Diligence
CEO’s ranked cybersecurity as the number one threat to the global economy over the next five to ten years, according to a 2019 CEO Imperative Study conducted by management consultancy Ernst & Young. That sentiment is unlikely to change in 2020.
We’re All Human
Dr. Richard White, cybersecurity consultant and author of Cyber Crime: The Madness Behind the Methods, says “The problem isn’t getting any better because we’re dealing with a human problem, not a technology problem.”
While humans are behind cyberattacks, their targets are also human. This makes it essential that employees at every company remain vigilant with their online behavior to keep the entire organization safe.
Following a set of best practices for cybersecurity due diligence. These are the best defense for front line employees.
There are five key cybersecurity practices every employee should follow, according to Dr. White. He suggests cybersecurity policies should instruct every employee to:
1. Check for phishing or other scams either online and/or with a company security representative before opening suspicious-looking emails or clicking links. Emails designed to attract clicks to malicious websites have become more sophisticated and realistic than ever before.
2. Seek help or advice immediately if you think you may have unknowingly or inadvertently opened an email or clicked on a link that may not be legitimate. Those who hesitate may be too late.
3. Update software whenever prompted. Software updates often contain security patches and should be implemented. Not sure it’s a legit update request? Check with your company’s cybersecurity point person.
4. Secure sensitive and proprietary screens, devices and equipment. This includes obscuring screens from shoulder surfing and protecting two-factor authentication.
5. Practice, practice, practice. Conducting drills and training on a regular basis, such as quarterly, keeps cybersecurity top of mind for employees. It gets the entire organization on the same page with respect to cybersecurity and makes policies second-nature.
Some companies have a lot of catching up to do with regards to cybersecurity and for many companies, it remains a top priority for their employees and organization.
In an Inc. magazine interview, CEO Chris Young of cybersecurity company McAfee stated, “Security is being built into the cultures of companies as a means to future-proof. Cybersecurity is becoming a required competency of every executive – part of the standard job description – to ensure that it’s built into every aspect of what a company does and offers to its customers.”
Cybersecurity compliance is increasingly becoming mandatory for manufacturers doing business with companies that supply material to military and defense-related contractors. In fact, all DoD, GSA, and NASA contractors must meet the Federal Acquisition Regulation (FAR) minimum cybersecurity standards or risk losing federal contracts.
Each year nearly $500 billion is lost to cybercrime and espionage across the entire world economy, according to the Center for Strategic and International Studies. Firewall and anti-virus protection are still necessary but they are not enough in today’s cyber threat landscape.
Don’t put your business at risk by leaving it vulnerable. Protect it from cyberattacks through employee training and education, updated software, and ensuring compliance to the latest industry standards.
The Cybersecurity Maturity Model Certifi cation (CMMC) is the next step in the Department of Defense (DoD) efforts to protect U.S. defense manufacturing supply chains from cyberthreats.
Manufacturers doing business directly or indirectly for the DoD, GSA, and NASA must meet Defense Federal Acquisition Regulation (DFAR) minimum cybersecurity standards or risk losing contacts.