How to Stop Worrying About Hackers and Start Protecting Data Assets

1 - How to Stop Worrying About Hackers and Start Protecting Data Assets
2 - Focus on the Right Threats, not All of Them
3 - Keep Your Data Inventory Up to Date
4 - Give All Data an Expiration Date
5 - Don't Disregard Updates, Patch Notices from Vendors
6 - Train Keep User About their Role in Data Security
7 - Know That Hackers are More Persistent Than Smart
8 - Implement Least-Privilege Access Control
9 - Set Up Network Security Monitors and Pay Attention to Alerts
10 - Get Your Team on the Same Page About Incident Response
11 - Know Your Limits
1 of 11

How to Stop Worrying About Hackers and Start Protecting Data Assets

The best way to relieve those nagging fears about stealthy cyber-attackers stealing your company's data is to implement a comprehensive data security plan.

2 of 11

Focus on the Right Threats, not All of Them

Most organizations are dealing with threats from malware, malicious insiders, third-party attackers, corporate adversaries, hacktivist campaigns and more. No matter how many patches you apply across operating systems and employee devices, incidents like zero-day exploits can leave your team vulnerable. By prioritizing which threats matter most to your data and your industry, you can concentrate on the protection tactics that will pay off in the end.

3 of 11

Keep Your Data Inventory Up to Date

You can't secure your sensitive information if you're not even sure what you're storing. Enact strict controls over where critical assets can reside in your company's files and networks, and conduct frequent inventories of systems and devices to make sure nothing is slipping through the cracks.

4 of 11

Give All Data an Expiration Date

The most secure organizations are constantly poring over their data inventories, identifying which programs and files they don't need and deleting them. Get in the deleting habit by giving all of your data an expiration date. When the deadline comes up, check with the data's owner, then destroy it if it's not still adding value to the company.

5 of 11

Don't Disregard Updates, Patch Notices from Vendors

This habit should be obvious, but it remains a common factor in cyber-attacks. When tech vendors release updates about critical vulnerabilities and distribute patching information, take the time to install the patch. And while you're at it, check for recent versions of the hardware and software you use daily. Older versions of devices and programs tend to carry known vulnerabilities that are just waiting to be exploited.

6 of 11

Keep Every User In The Loop About Security Issues

User training and education is paramount to maintaining a secure IT environment. Share information about threats your company has faced in the past, present and future, discussing common issues as well as rare attack scenarios. Let security professionals lead the conversation for end users; meanwhile, invest in ongoing training for in-house security personnel.

7 of 11

Know That Hackers are More Persistent Than Smart

Maintain consistent security configurations among the devices in your organization that perform similar roles. Hackers tend to come through systems looking for vulnerabilities, such as the one server you haven't gotten around to updating. Teach your network administrators that consistent changes and configuration control could be the factor that saves the company from a massive data breach.

8 of 11

Implement Least-Privilege Access Control

Remember the Target data breach in 2012 that dominated headlines and began with a third-party user that had access to the company's network? Give the bare minimum of access permissions to the least number of people necessary to complete every task. Then, on a regular basis, ask resource owners and users to re-verify permissions and access rights.

9 of 11

Set Up Network Security Monitors and Pay Attention to Alerts

Most hacking incidents are captured on event logs and never recognized until after the incident is over. By aggressively monitoring for anomalous behavior and setting up alerts for specific issues, you can avoid finding out your system was breached six months after unusual activity indicated something was going on.

10 of 11

Get Your Team on the Same Page About Incident Response

More corporate executives are confronting this scenario: "Our data was breached today. What's your next move?" Every member of your team should have a response to this question, whether their role will be dealing with remediating the system or communicating the news to customers and partners. If your incident response plan covers every possible scenario, you can make employees more security-minded by giving them some power to defend critical data.

11 of 11

Know Your Limits

Even the world's best doctors go to the doctor. Evaluate your organization's core competencies and abilities in terms of how thoroughly you can protect your data. Then, cover the spaces in which you fall short by working with a trusted, reputable security partner. No organization looks forward to dealing with a security breach, but if an incident occurs and your team's own ego is partially at fault, you're adding insult to injury.

Top White Papers and Webcasts