The harsh realities of cybercrime
There are four ways we can demonstrate leadership when it comes to the proactive
prevention of cybercrime:
1. First, we can establish a corporate culture of preparedness for cyberattacks. Just as with other corporate policies and procedures, the topic of cybersecurity ought to receive its share of well-planned policies and expectations. These policies are just as foundational to new hire onboarding and employee training as building security, payroll information, etc. All employees serve as chief gatekeepers on the cybercrime front, and by properly preparing
them, we can significantly reduce cyberthreats.
2. A culture of preparedness ought to be distilled into and entrusted to a cybersecurity team which is committed to
prevention and detection. A team strategically assembled from broad spheres of responsibility—IT, security, fi nance, accounting—ensures widespread attention to prevention, solidifi es the organization’s commitment to cyber protection, and allows quick response to an actual attack. When we experience breaches and don’t know where we store data or who to call to address the problem, we lose critical time reacting to the breach. Identifying a team and outlining each team member’s role is key to implementing a timely response to cyberattacks or security breaches.
3. In direct correlation to the identified team listed above, once we create policies and assemble a team, ongoing testing should be a regular occurrence. Testing encompasses the regular running of backups, as well as simulating hacks and disaster plans. It’s likely that ongoing testing and other best practices against cyber threats will be managed by someone other than the CEO; still, it’s important that top leadership fully engage in the oversight of these three processes.
4. Ensure that your organization receives an annual third-party audit of its cybersecurity measures. This kind of audit serves as both a best practice for organizational health and a guideline for cybersecurity insurance needs. Invariably, an organizational audit of cybersecurity protocols will focus on an organization’s vendors and whether or not security measures have been filtered throughout the supply chain.
Whether we are just beginning to implement security protocols or have had security systems in place for many years, the fact is that the landscape of cybercrime is constantly changing. New hacking schemes and threats have become a near-constant source of concern, and protecting ourselves requires ongoing vigilance.