10 fresh tips from Security Summit: Your Cybersecurity 2021
Following this year’s cybersecurity summit, we ran a small poll with our speakers to squeeze a few more drops of wisdom out of them. We were half-expecting everyone to say the same things, but to our surprise there was a huge variety of thoughts. Good thing we opted for open-ended questions. Here is the consolidated version.
1. Cybersecurity 2020: Describe it in one word or phrase
- Cloud security.
- Fancy tools without fancy knowledge.
- Needs to adapt to remote work.
- Part of business.
- Every threat is greater than before.
2. Name the biggest challenge in organizing remote work
- Lack of security controls.
- Distributed workforce.
- Secure connection.
- Making sure that all the platforms are safe to use.
- Complexity has tripled.
3. Which person (position) in the company is most likely to be targeted by a phishing attack?
- CTO, CEO, CFO, CISO
- Any, including Cyber Security Professionals.
4. Please give a cybersecurity tip to a 12-year-old
- Don’t post anything on social media.
- Use a password manager.
- Read what you click “Yes” to.
- Cyber hygiene/Awareness.
- Secrets have to remain secrets. Guard them well.
- What you share today could hurt you tomorrow.
5. Please give a cybersecurity tip to a 65-year-old
- Be cautious about suspicious emails. They might be fraudulent – think several times before opening attachments or links in the email. Pay attention to the sender address.
- If you do not turn it on you are safe.
- Read what you click “Yes” to.
- Cyber hygiene/awareness.
- Your online identity is the same as the real one.
- Be cautious, that email or app may be designed to hurt you.
6. Please name 2-3 things, which are essential for the success of a cybersecurity strategy of an organization
- Management buy-in and up-to-down approach for security. Proper risk management process.
- Leadership buy-in and support.
- Practical mindset, general cyber hygiene, cyber disaster testing.
- Common understanding of the risks, the road map for security, visibility in the network.
- 1. Management leadership in words and actions. 2. Skilled security personnel who can guide the rest of the colleagues. 3. Sufficient budget to cover at least basic security needs.
- Collaboration between (non-IT) departments.
- Policies first, technology second.
- Keep asking questions about how a system can be used, look hard for security holes.
7. What is your organization’s cybersecurity priority for 2021?
- Data leakage prevention.
- Decreasing the attack surface.
- Make sure people constantly learn and improve.
- Remote working is here to stay, forget the perimeter as there isn’t one.
8. What will be the biggest cyber threat to companies in 2021?
- Governments proliferating their tools to criminal organisations.
- Good old phishing with cyber hygiene coming second.
- Negligence of cloud security best practices.
- Internal users not understanding the risks of collaboration.
9. Which is the biggest source of cybersecurity risks?
- Public Wi-Fi.
- Facebook/social media.
10. At which point should an organization seriously consider hiring/renting a full-time equivalent of a cybersecurity specialist?
- When an organization has a proper cybersecurity strategy.
- 15 people depending on the business type.
- Anytime when the size of the organization’s operation and its services exceeds the capabilities of a single sysadmin.
- When your core business is highly dependent on IT.
- When the potential loss to your data/reputation/operations exceeds your internal threshold.
- When data becomes the most valuable part of an organisation.