One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8336704 |
| Date de publication | 2023-05-15 10:00:00 (vue: 2023-05-15 17:07:49) |
| Titre | CISOS: Comment améliorer la cybersécurité dans un paysage de menaces en constante évolution CISOs: How to improve cybersecurity in an ever-changing threat landscape |
| Texte | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The digital landscape is always changing to keep up with a constantly evolving world, and bad actors are also adapting. For every new development in the digital world, cybercriminals are looking to take advantage of weaknesses, so it is important that those concerned with the security of their organization’s network, data, and other assets stay vigilant and on top of trends. Everybody within an organization should work to establish and maintain good cybersecurity habits and measures, but much of the security burden falls on the chief information security officer (CISO). Below are some key insights for any CISO to take into consideration. Concerns and challenges Since the beginning of the COVID-19 pandemic three years ago, hybrid and remote working solutions have been rising in popularity. This should be a priority area: according to a report from Malwarebytes, 20% of companies reported that a remote worker had caused a security breach. In comparison, 55% cited training employees in security protocols as a major challenge in transitioning to work-from-home infrastructure. Because the shift to hybrid and remote work happened quickly and with an eye for ease of access over security, employees working offsite can pose a great risk to an organization if not provided with adequate cybersecurity training and policies. AI and machine learning are also on the rise, increasingly being utilized by businesses and cybercriminals alike. It is important to recognize that while AI enhancements can provide aid, there is no replacement for the human element in developing a cybersecurity strategy. Understanding and deploying AI and machine learning tools can not only help with fraud detection, spam filtering, and data leak prevention, but it can allow a security officer insight into cybercriminals’ use of the tools. Increasing awareness of the criminal toolkit and operations provides an opportunity to get ahead of threat trends and potentially prevent attacks and breaches. Another major issue is the shortage of qualified cybersecurity professionals leading to a significant struggle with recruitment and retention. In a Fortinet report, 60% of respondents said they were struggling to recruit cybersecurity talent, and 52% said they were struggling to retain qualified people. In the same survey, around two-thirds of organization leaders agreed that the shortage “creates additional risk.” Many factors work in tandem to perpetuate the problem, but the solution doesn’t have to be complicated. Ensuring your employees have a healthy work environment goes a long way, as well as tweaking hiring practices to select “adaptable, highly communicative and curious” people, as these traits make for an employee who will grow and learn with your company. Tips for improving cybersecurity One of the top priorities for CISOs should always be to ensure that all employees are properly trained in cyber hygiene and cybersecurity best practices. Insider threats are a serious issue with no easy solution, and a good number of those (more than half, according to one report) are mistakes due to negligence or ignorance. Traditional threat prevention solutions are often concerned with |
| Envoyé | Oui |
| Condensat | “adaptable “creates “keeping able access accessing accidental according actors adapt adapting additional address adequate adopt advantage affects against ago agreed ahead aid alike all allow already also always another any are area: areas around article assets at&t atmosphere attack attacks author awareness bad because been beginning being below best both breach breaches burden businesses but can cause caused challenge challenges chances changing charged chief ciso cisos cisos: cited classics communicative companies company comparison compliance complicated concerned concerns conclusion consideration constant constantly content cooperation cover covid criminal crucial culture curious” cyber cyberattacks cybercriminals cybercriminals’ cybersecurity data deploying detection developing development devices digital does doesn’t due ease easy either element employ employee employees endorse enforcement enhancements ensure ensuring environment especially establish ever every everybody evolving executives expanding eye face factors falls fellow filtering fixes following forget fortinet framework fraud from fundamentals get goes good great ground grow growth guys habits had half happened have healthy heard help highly hindering hiring holistically home how human hybrid hygiene ignorance immediately implement important improve improving include inconvenience increasing increasingly individual industry information informed infrastructure inside insider insight insights investing involved issue jobs just keep keeping key landscape layered leaders leading leak learn learning least level long looking lot lower machine maintain major make malicious malwarebytes many means measures methods mistakes more most much necessary negligence network networks new not number officer officers offsite often one only operations opportunity organization organization’s organizations other out over own pandemic part path people perhaps perpetuate person play policies popularity pose positions possible post posture potentially practices prevent prevention principle priorities priority privilege problem professionals properly protect protecting protection protocol protocols provide provided provides purely qualified quickly rapid rather reason recognize recruit recruitment remember remote replacement report reported requires resources respect respondents responsibility responsible retain retention right rise rising risk robust role safe said same secure securing security select serious shift shortage should significant since slog solely solution solutions some spam stay strategy struggle struggling sufficiently surface surrounding survey take talent tandem task teams technological technology than these thing thirds those threat threats three through throughout tips toolkit tools top total traditional trained training traits transitioning trends tried true trust tweaking two understand understanding use utilized views vigilant voices way weaknesses well when which who will willing within work worker workers working world years your zero |
| Tags | Data Breach Spam Threat |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.