Driz Group
  • Managed Services
    • Web Application Security >
      • Schedule WAF Demo
    • Virtual CISO
    • Compliance >
      • SOC1 & SOC2
      • GDPR
    • Third-Party Risk Management
    • Vulnerability Assessment >
      • Free Vulnerability Assessment
  • About us
    • Testimonials
    • Meet The Team
    • Resources
    • In the news
    • Subsidiaries
  • Contact
    • Newsletter
  • Blog
  • Managed Services
    • Web Application Security >
      • Schedule WAF Demo
    • Virtual CISO
    • Compliance >
      • SOC1 & SOC2
      • GDPR
    • Third-Party Risk Management
    • Vulnerability Assessment >
      • Free Vulnerability Assessment
  • About us
    • Testimonials
    • Meet The Team
    • Resources
    • In the news
    • Subsidiaries
  • Contact
    • Newsletter
  • Blog

Cybersecurity Blog

Thought leadership. threat analysis, news and alerts.

But, my IT Guy told me that we are well protected. Well… you were not.

5/12/2016

0 Comments

 
Cybersecurity Shield
Interesting article posted by The Hacker News team, Top Data Breaches Reported in last 24 hours 

It’s interesting because with an exception of Google’s internal data breach, I'm almost confident that other organizations on the list were convinced that their data was protected, or at least one would hope that this would have been the case.

Now, these organizations will have to invest a significant amount of time and money into investigation, remediation and on-going protection of their infrastructure and web applications. Most importantly, they will start asking the right people the right questions, and, they will begin listening and taking action.

Almost daily we hear statements such as, “My IT guy tells me that our web applications are well protected”. It does not cease to amaze professionals within the information and cybersecurity industry for one simple reason. Don’t get me wrong, most likely your “IT Guy” is the best at what he does, and provides your organization with exceptional customer service. At the same time, he or she most likely does not specialize in information and cyber security, period. The assumption that every IT professional, with or without the credentials, is an information and cyber security expert, is false. If you are able to install and configure an antivirus on my computer, you must be a security expert; that is wrong.

Most business leaders are smart and perceptive. They are in their roles in part because they know how to ask the right questions. Unfortunately, when it comes to information and cyber security, asking the right questions is not enough. You must also ask the right people.

I guarantee that when you have a toothache, you won’t call and go see your favorite and talkative car mechanic. You could, but I am confident that you would not be pleased with the results of your treatment.

Two main reasons generally leading to security breaches and data leaks are: a) complete business leadership unawareness, and b) hoping that it won’t happen to you and your organization. Did you ever invest in something that was not a cure for your problem? Think for a minute… Yes, you have. At some point in your life, you purchased life insurance, and, wait, you probably have smoke and carbon monoxide detectors, and both car and home insurance. Why? Because, while some of the above are mandatory, such as car insurance, as you may lose your license while driving without it, others are in place in case something "bad"happens. 

Oh wait, we forgot that your home probably has a front door that has a lock to keep your home and your family safe. If you were aware that there is a threat to your family, would you upgrade your door to a better one, with a lock that is more difficult to open? Of course you would. Across our neighborhoods, people began investing thousands in window security bars after just one rumor of a break-in nearby.

Consider this: information protection technologies, everything from endpoint to web application and beyond, are in most cases your best “door” with the best "lock" your money can buy. Provided that you partner with the right people, they will ensure that you are aware of the threats, and take a proactive approach prior to, and not after the fact that your business name is headlining The Hacker News and the mainstream media.

Since we, and our industry partners firmly believe that the awareness is key, we are always available, and look forward to answering your questions. Waiting and hoping that it won't happen to your organization, are no longer your options.

0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Author

    Steve E. Driz, I.S.P., ITCP

    Picture
    View my profile on LinkedIn

    Categories

    All
    0-Day
    2FA
    Access Control
    Advanced Persistent Threat
    AI
    ATP
    Awareness Training
    Botnet
    Bots
    CASL
    Cloud Security
    Compliance
    COVID 19
    COVID-19
    Cryptocurrency
    Cyber Attack
    Cyberattack Surface
    Cyber Espionage
    Cybersecurity
    Cyber Security
    Cyber Security Consulting
    Cyber Security Insurance
    Cyber Security Risk
    Cyber Security Threats
    Data Breach
    Data Governance
    Data Leak
    Data Leak Prevention
    DDoS
    Email Security
    Fraud
    GDPR
    Hacking
    IoT
    Malware
    MFA
    Microsoft Office
    Mobile Security
    Network Security Threats
    Phishing Attack
    Privacy
    Ransomware
    Remote Access
    Social Engineering
    Third-Party Risk
    Virtual CISO
    Vulnerability
    Vulnerability Assessment
    Web Applcation Security
    Web-applcation-security
    Web Application Firewall
    Web Application Protection
    Web Application Security
    Web Protection
    Windows Security

    RSS Feed

1.888.900.DRIZ (3749)

Managed Services
Web Application Security
Compliance
​Vulnerability Assessment
Free Vulnerability Assessment
About us
Testimonials
​Meet the Team
​Subsidiaries
​
Contact us
​
Blog
Resources & Tools
​Incident Management Playbook
Privacy Policy | CASL
Copyright © 2021 Driz Group Inc. All Rights Reserved.
Photo used under Creative Commons from GotCredit