Here’s how to protect network security at your organization now and in the future.
Nameless cyber thieves lurk in the digital shadows, threatening the data of every organization with an Internet connection. You can combat this growing menace by making sure your company has the right cybersecurity policies and procedures in place. Follow these key strategies to keep your company safe.
Your first line of defense is your staff. It’s crucial they know how to prevent cyberattacks in their everyday work. Educate them about the dangers of clicking on links from unknown email senders or visiting unfamiliar websites, says Dr. Gary C. Kessler, chair and professor, Security Studies and International Affairs Department at Embry-Riddle Aeronautical University. “Even with good technology and tools,” he says, “as long as there is a human who does not know how to adhere to the rules, that’s always the best point of attack.”
And don’t just focus on work-related digital activities. Teaching employees how to secure their personal accounts, including social media profiles, will encourage their compliance with policies and procedures when completing business tasks, Kessler adds. “If people start following good security practices at home, they will bring those to work.”
“Spear-phishing” campaigns targeting individual employees are a common information security threat. In these attacks, emails sent to particular employees use individual information to appear legitimate and lure recipients to click. “It’s very easy to collect personal information and send an email pretending you’re somebody else,” says Dr. Glenn S. Dardick, associate professor of cybersecurity at Embry-Riddle. One safeguard to put in place: email verification software, so the sender must log in to a system that verifies their identity.
Be Password Smart
“Many people use the same password and username for multiple accounts,” Kessler says. “That’s a problem. If one account is compromised, then all of the others are at risk, too.” Password managers can help ensure that employees choose unique and strong passwords.
Don’t Keep Unnecessary Data
Dardick was asked to manage the response efforts for a financial company after it was breached. The organization had been storing sensitive personal data in its database even after it was no longer needed, and the hack resulted in a $2 million loss for the company. “You have to go beyond just securing information,” Dardick says. “Take a look at what you’re keeping and why you need to keep it, and more importantly, why you do not need to — and should not — keep it.”
Enforce the Policy
Once you have a policy in place, be sure to enforce it, Dardick says. “If employees do not take this seriously, if there is no fear of consequences, then not everyone will be on top of it the way they need to be.”
And finally, one of the best ways to prevent online attacks is to stay current on the field’s policies, laws and practices. The online Master of Science in Cybersecurity Management and Policy at Embry-Riddle trains working professionals to become leaders in the fight against ever-increasing cyber threats.
You know WHERE you’re going. We help you GET THERE.
Embry-Riddle Aeronautical University, the world’s largest, fully accredited university specializing in aviation and aerospace, is a nonprofit, independent institution offering more than 80 baccalaureate, master’s and Ph.D. degree programs in its colleges of Arts & Sciences, Aviation, Business, Engineering and Security & Intelligence. Embry-Riddle educates students at residential campuses in Daytona Beach, Fla., and Prescott, Ariz., through the Worldwide Campus with more than 125 locations in the United States, Europe, Asia and the Middle East, and through online programs. The university is a major research center, seeking solutions to real-world problems in partnership with the aerospace industry, other universities and government agencies. For more information, visit erau.edu, follow us on Twitter (@EmbryRiddle) and facebook.com/EmbryRiddleUniversity, and find expert videos at YouTube.com/EmbryRiddleUniv.