3 Important Cyber Security Questions to Ask Yourself Right now
In the midst of all the excitement surrounding the US presidential election last year, one topic caught the claimed the front page spots of many newspapers – cybersecurity. Cyber Security is the collective effort to protect electronic devices and the infrastructure that supports them from a host of physical and computerized threats.
Many businesses have become targets of cybersecurity attackers as a result of the astronomical increase in global e-commerce and availability of consumer data electronically. Take a look at some examples of companies that have acknowledged security and data breaches this year:
- Yahoo!, etc.
Well, one thing is sure for businesses as regards cybersecurity. The government will propose new regulations. Regulations alone still won’t be able to protect the business or their clients from cyber- attacks. As cyber-attacks become more widespread, it is imperative that businesses take action to shield themselves from such attacks by considering these questions: Below are 3 Important Cyber Security Questions to Ask Yourself Right now for the safety of your business.
What Assets Does Your Business Own?
Every business has assets. It could be a brand, secret recipe for your product or service, customer’s data or all of the above. As a precautionary step, take an inventory of your business’ valued possessions. Then, as a next step, decide the amount of protection you will buy the assets. You will not like to spend $500,000 to protect an asset worth $50,000. So, figure out a right amount that will sit well with your company’s budget.
2. What Threatens Your Business?
Just like your assets, your business face threats too. And the threats depend on the kind of business. Most business face threats from competitors while businesses handling financial transactions face threats from cyber rogues who wants to steal money or other important financial data. Other companies in the technology sector face threat of intellectual property theft.
The bullets below summarize the multiple threat categories that exist.
- Threats from nation-states (e.g., China, Russia, and other countries that facilitate cyber-attacks to procure data)
- Threats from cyber criminals (e.g., organized crime syndicates that use cyber theft to make money)
- Threats from hackers with a bone to pick (e.g., people with a bone to pick that use hacking to make a statement)
- Threats from casual Hackers/Lone wolves (e.g., people who hack out of curiosity, but sometimes help cyber criminals)
- Threats from within the business organization (e.g., disgruntled employees seeking to steal money and/or make a statement)
From these threat categories outlined above, it can be difficult to ascertain what category of threats your business is susceptible to. It is therefore important that your business contact cyber security providers for help in identifying threats that apply to it. As a bonus, your business should make use of NIST cyber threat self-assessment guide.
3. What Are Your Business Weaknesses?
After threat identification, the next line of action is to identify weak spots in your business. Think of what the cyber attackers will be interested in. For example, can cyber hackers hack into your system and steal customers’ credit card details or employees’ social security number? Or can a competitor hack into your company’s website to access confidential information? Considering these questions will help you identify vulnerabilities. However, you should still consult cyber security providers to help you identify areas of vulnerability in your business and solutions as well.
Lastly, not all cyber security weaknesses are “cyber” in nature. Controls like security gates, employee entry cards, ID badges can help defend against cyber threats. So business should ask cyber security providers to recommend logical computerized and physical defense systems.