As cyber risk evolves, traditional defenses focused on perimeter security and known threats are no longer adequate. Threats change more quickly than organization response. A Cyber Security Intelligence post lists five things business leaders and managers must know:
- Cyber attacks will affect your business. Security cannot be left to the IT staff or service provider. If and when an attack occurs, leaders will be held accountable. Understand the risks and get an independent audit to identify gaps in your security.
- Over 60% of data breaches originates from current or former employees, or third party suppliers.
- Compliance with information security requirements is a baseline, but it does not insure security. Go beyond compliance to achieve the best possible security.
- Cyber insurance will provide some protection but does not cover all loss. Be aware of exclusions such as future lost profits, intellectual property (especially data software) or security upgrades.
- Real security requires monitoring, detection and response (MDR) services combined with disaster recovery and business continuity plans.