Network and Cyber Security
The biggest threat to data security is underestimating both internal and external threats. Access to IP networks are everywhere so understanding that data in motion is vulnerable both on and off the network leads to the question of how to protect it.
Assessing the risk comes down to some simple math: what is your data worth, and what would be the damage if it were compromised? With news stories about data being hacked, tapes and laptops being stolen from vehicles continue to happen at an alarming rate. Therefore, it makes sense for your organization to develop a plan for handling highly sensitive data and proprietary intellectual property.
You may have done a good job deploying virus protection, firewalls, IDS/IPS solutions, but these only cover established areas. Only data protection throughout the network can safeguard critical and confidential data, regardless of the success or failure of other security technologies and policies. That is why it is important to understand that data protection is journey and not a destination.
Companies should begin risk management by defining a benchmark of existing assets and functions. From there, the following questions will help determine vulnerabilities within the business, and the potential impact of a failure:
- What are the threats to these critical functions and assets?
- What are the potential losses if a threat or failure is realized?
- What are the chances of the organization being affected by this threat or failure?
- What is the cost to reduce the risk to an acceptable level?
Vulnerability management is a critical component of any security infrastructure because it enables proactive detection and remediation of security vulnerabilities. According to the Yankee Group's Best Security Practices, organizations should perform vulnerability management on a daily or weekly basis. Gartner Group states “Forty percent of small to medium businesses that manage their own network will have their network accessed by a hacker, and more than 50 percent won’t even know they were attacked.