10 fresh tips from Security Summit: Your Cybersecurity 2021

CYBERS 01.10.2020

Following this year’s cybersecurity summit we’ve run a small poll with our speakers to squeeze a few more drops of wisdom out of them. We were half-expecting everyone to be saying the same things but to our surprise, there was a huge variety of thoughts. Good thing we opted for open-ended questions then. Here is the consolidated version.

1. Cybersecurity 2020: Describe it in one word or phrase

  • Cloud security.
  • Distributed.
  • Fancy tools without fancy knowledge.
  • Needs to adapt to remote work.
  • Part of the business.
  • Every threat is greater than before.

2. Name the biggest challenge in organizing remote work

  • Lack of security controls.
  • Distributed workforce.
  • Secure connection.
  • Confidentiality.
  • Making sure that all the platforms are safe to use.
  • Complexity has tripled.

3. Which person (position) in the company is most likely to be targeted by a phishing attack?

  • CTO, CEO, CFO, CISO
  • Support.
  • Any, including Cyber Security Professionals.
  • Admin.

4. Please give a cybersecurity tip to a 12-year old

  • Don’t post anything on social media.
  • Use a password manager.
  • Read what you click “Yes” to.
  • Cyber hygiene/Awareness.
  • Secrets have to remain secrets. Guard them well.
  • What you share today could hurt you tomorrow.

5. Please give a cybersecurity tip to a 65-year-old

  • Be cautious about suspicious emails. They might be fraudulent – think several times before opening attachments or links in the email. Pay attention to the sender address.
  • If you do not turn it on you are safe.
  • Read what you click “Yes” to.
  • Cyber hygiene/awareness.
  • Your online identity is the same as the real one.
  • Be cautious, that email or app may be designed to hurt you.

6. Please name 2-3 things, which are essential for the success of a cybersecurity strategy of an organization

  • Management buy-in and up-to-down approach for security. Proper risk management process.
  • Leadership buy-in and support.
  • Practical mindset, general cyber hygiene, cyber disaster testing.
  • Common understanding of the risks, the road map for security, visibility in the network.
  • Management leadership in words and actions. 2. Skilled security personnel who can guide the rest of the colleagues 3. Sufficient budget to cover at least basic security needs.
  • Collaboration between (non-IT) departments.
  • Policies first, technology second.
  • Keep asking questions about how a system can be used, look hard for security holes.

7. What is your organization’s cybersecurity priority for 2021

  • Data leakage prevention.
  • Decreasing the attack surface.
  • Visibility.
  • Make sure people constantly learn and improve.
  • Remote working is here to stay, forget the perimeter as there isn’t one.

8. What will be the biggest cyber threat to companies in 2021?

  • Governments proliferating their tools to criminal organizations.
  • Good old phishing with cyber hygiene coming second.
  • Negligence of cloud security best practices.
  • Internal users not understanding the risks of collaboration.

9. Which is the biggest source of cybersecurity risks?

  • Family.
  • Public Wi-Fi.
  • Facebook/social media.

10. At which point should an organisation seriously consider hiring/renting a full-time equivalent of a cybersecurity specialist?

  • When an organization has a proper cybersecurity strategy.
  • 15 people depending on the business type.
  • Anytime when the size of the organization’s operation and its services exceeds the capabilities of a single sysadmin.
  • When your core business is highly dependent on IT.
  • When the potential loss to your data/reputation/operations exceeds your internal threshold.
  • When data becomes the most valuable part of an organisation.

 

 

 

Latest blog posts

03.03.2022

Cybersecurity as part of defense measures against modern war fighting capabilities

CYBERS in cooperation with Recorded Future will share insights on the ongoing cyber crisis which started several months before the military invasion. This article provides an overview of the current situation, as well as the recommended emergency actions that should be taken by organizations to withstand this cyber conflict.

Keep reading
20.01.2022

Testing and identifying the value of your next cybersecurity solution

The security world is changing rapidly and we are slowly reaching another huge milestone. Not a very happy one though: manual security operations are no longer sufficient. This is a little bit painful to admit but the fact remains: if you rely on the manual labour of CTOs, CISOs and their teams to react to an incident, then you are in for a very rude awakening.

Keep reading
27.12.2021

Are you at risk from the security vulnerability found in the Java-based Apache Log4j logging feature?

A security hole was discovered in the Java-based Log4j logging feature, affecting millions of businesses, government agencies, and cloud services using this popular Apache library. Are you at risk?

Keep reading