Skip to content

Don’t Leave Your Cyber Security on Autopilot

In 1453, Constantinople fell in one of the first documented uses of massed heavy artillery. When the time came to rethink a thousand year defense strategy, Constantine did not recognize the significant changes to the threat. When it comes to modern cyber security, companies need to rethink their defenses far more often.

But according to the Cyber Ark Global Advanced Threat Landscape Report 2018, companies by and large have stagnant approaches–among the survey findings:

  • A whopping 36 percent of respondents knew of employees storing usernames and passwords for privileged accounts in Word or Excel documents
  • The number of firms granting workers administrative permissions to endpoint devices increased
    • The percent of users in those companies who had admin rights increased 25 percent from 2016
  • Half of the respondents recognized customers’ sensitive private data is at risk due to security controls not going beyond basic legal requirements

I know of one company whose auditors instruct clients doing annual IT compliance certifications that if a security measure is unchanged from the prior audit, just enter “SALY” (same as last year). You won’t find too many experts who believe the threat environment will be the same as last year though. So how does a company break out of the cyber security inertia trap?

Forbes magazine contributor Christie Terrill recommends reviewing and changing your IT security strategy whenever the context of your IT operation changes, including changes in user behavior, paying most attention to devices and nodes that are least in control of the organization. She says Internet of Things nodes are most problematic. While it’s true cyber security core tools such as firewalls, two-person authentication and intrusion prevention systems, are relatively unchanging, how you apply them and how you approach risk management should be reviewed. And that, with the speed of technology evolution, needs very much to be an ongoing endeavor.

Good detective work, when any system fails, usually includes asking the question “what changed”. Reviewing strategy as your IT environment changes can keep you out of the post mortem detective work and better employed focusing on refreshed prevention and risk mitigation efforts instead.

Please contact us at Wheelhouse to talk about a cyber security checkup, or to explore any of our varied managed IT service offerings.

a woman in a business suit is using a laptop

Reliable Network Monitoring Support

Reliable Network Monitoring Support Ensure network security and operational efficiency with robust network monitoring. A strong monitoring system is indispensable

a man holding a computer case with many wires

How to Protect Your Electronics Against Disaster

Know how to protect your business technology and electronics against natural disasters. It’s important for companies to develop a game plan that will ensure employees are able to communicate with others before, during, as well as after a natural disaster to keep the business running.

Let's Start a Conversation

Watch the video below and find out why you should fill out this form and start a conversation today.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.