You are probably doing all you can and more to build in network and application security in your organization, working to minimize the threat of a devastating cyber attack that can result in brand damage, financial loss, or compromise of key intellectual property. One area that you should examine is any sensitive or critical data that might be owned by your organization, but exposed because it is not under your control. Some examples are:
As cyberattacks become more common, it is increasingly important for businesses to understand their cyberweaknesses and plan for breaches.
- Law firms: You may have a tremendous amount of intellectual property and even pending acquisition documents stored at your law firm. Are they taking the same steps to secure your information? Do they have immediate disclosure to your company for a breach written in their agreement with your company?
- Employees: It’s pretty easy to download and take home a few hundred thousand or millions of records on a laptop. While it might be for a perfectly good business reason, what is that laptop is lost or stolen – what is the process for mitigating and reporting the loss?
- Service providers: When you transfer massive files of prospect or customer records to an outside provider for a mailing or digital activity, how do you know they are deleted or protected, and that the company has not had an a successful attack?
Cyber awareness is a total company responsibility, and everyone should be working to guard the organization from a compromise.