Managing internal and external data threats
It is no longer a surprise when you wake-up to the news that, yet another company has been hacked. Today, hackers aren’t just looking to make a few bucks, but cause massive destruction to your systems and data. Businesses are now turning to cyber security companies for specialist skills and resources in today’s highly vulnerable environments.
So how do businesses manage internal and external data threats? Boland Lithebe, Managing Executive for CyberTech and Information Security within the Altron group, explains that companies today are beginning to understand the importance of not only protecting their infrastructure but also their consumers. Lithebe goes on to mention that while technology continues to change the industry, companies need to take more precautions in protecting their assets to prevent costly breaches, as the implications are far greater.
Lithebe feels that while threat models vary across industries, banks and financial institutions face different threats as opposed to those in the retail industry, so it’s important to understand who might want to hack your company. A hacktivist might not want to necessarily hack companies for financial gain, but rather to cause destruction to your data.
Lithebe mentions some simple tips to managing data threats:
- Map your data! Understand the channels and where you are getting your data from
- Be aware of the type of data your company processes (e.g. personally identifiable information, card holder data, etc.)
- Understand how your data flows within your company and reduce, where possible, your data footprint to limit the security exposure. This could be any data that enters and leaves your company and more importantly - who has contact with your data
- Understand your third-party agreements and with whom this data gets shared i.e. when a consumer purchases a car, car dealerships could rely on credit bureaus to do a credit check. They could also rely on other companies for value added services, who the dealership in turn shares the data with
- Most importantly - educate your users and staff about the importance of data and the risks of losing such data
Lithebe concludes by mentioning that even the smallest threat could have a severe impact, and businesses need to be proactive rather than reactive.