5 Cyber Security Best Practices for 2016

By Oscar Marquez

In the past five years, businesses of all sizes have realized just how vulnerable they are to cyber attacks.

The astonishing increase in the number of attacks each year troubles corporate leaders, IT professionals and chief information security officers, who see their security efforts foiled by hackers.

The number of large corporations targeted since 2015 is proof that everyone is vulnerable. Wherever you look, there is an Ashley Madison, Home Depot or JP Morgan Chase breach that makes you realize just how precarious security structures are.

In sports, teams regroup at halftime and get back to work in the second half with a refocused goal of finishing the game strong. The same holds true for security practices. To help businesses beef up security in the second half of 2016, here are some ideas to keep data safe:

1. Be aware of stored data

It is astonishing how many big firms do not know they have huge chunks of data in their systems. Technologies such as the Internet of Things contribute a lot to this, but company data should be handled better overall. Knowing what is stored in their systems would provide companies with information about which data needs to be protected most against threats.

2. Focus on protecting data

The biggest cases of 2015 related to data breaches of global services and corporations. Business owners think that beefing up firewalls and security perimeters is the answer, but they couldn’t be more wrong. Protecting their data should be the priority. Secure encryption is vital to prevent data from being compromised easily should the corporate network be breached.

3. Address the mobile threat

Many corporations allow employees to use their personal devices in the workplace. It’s safe to assume that most employees do not take the necessary security measures for their mobile devices. This puts corporate data on such devices at great risk. IT administrators need to have better—not more—control over such devices.

4. Spread awareness

It’s always good to make employees companywide aware of the threats they face. Talking with employees regularly about new and emerging threats and sharing ideas about improving security is good practice.

5. Take insider threats seriously

You could shell out millions of dollars trying to protect your network from outside threats only to be undone by an employee who clicks on a nefarious link and compromises sensitive data. Hackers regularly send malicious emails to many employees in a firm in hopes that one of them falls for it—and someone frequently does. Encourage employees to be more vigilant since such emails often can easily be spotted.

Oscar Marquez is co-founder and chief technology officer of iSheriff, a cloud security firm. His guest essay originally appeared on ThirdCertainty.com.