What do you do when you leave your house, park your car, or close your office? You ensure they are locked and you may enable an alarm system. Why take such precautions? For protection.
Regarding your businesses computer system, what precautions have you taken to ensure its security? Could you assess the potential financial risk to continued operations if hacked?
Conventional security systems rely on firewalls, anti-virus screens and other anti-spyware software to monitor system health. They focus on incoming data transfers. How would you know if someone inside your organization was transferring data? Are you aware that there is existing technology to apply behavioral forensics and screen for anomalous computer activity? This technique works regardless of other installed security systems to quickly identify a compromised computer.
Everyone claims that cyber security ranks highly in their list of priorities, but have you fully considered the impact of a successful compromise? Where does protection of critical information for continuity of business operations rank? There are many important key functions that business leaders must accomplish. Among these are a well thought out business plan, an impeccable reputation with your customer base, a highly skilled and motivated workforce, and scrupulous adherence to laws, rules and regulations. Historically those components would be sufficient, but threats evolve. In an age fueled by instantaneous information demands through a variety of media, the loss or compromise of data, sales, or proprietary information due to a cyber attack can have disastrous consequences for business owners and managers.
Newspapers, professional journals and on-line articles contain daily examples of threats to cyber security. The Department of Defense recently established a four-star command to monitor and respond to threats to its networks and commanders’ abilities to command and control operating forces. Despite daily threats, proposed legislation to manage cyberspace use is met with significant resistance, due primarily to increased government involvement outside of its perceived authorities. The Obama Administration has addressed and researched the problem, but the fact is that the internet is simply too vast and issues of government intrusion, personal privacy, and effective oversight represent considerable obstacles to progress.
Dependency on the cyber realm as an operating space for commerce and transactions, along with voluminous data storage, exchange and transmission, combine to make a business owner’s dilemma. Large firms may have cyber protection and network security functions assigned to the information technology (IT) department. Medium and smaller companies face resource requirements that demand a different response and may depend on the leadership’s level of knowledge and proficiency alone. Regardless of size of a business, essential mitigation strategies are available. The following points are critical for business leaders and managers to consider when operating in cyberspace:
Conducting business with confidence in cyberspace is an acquired skill for small and medium sized companies. Indeed there are challenges; however, these are not insurmountable. Just as adequate preparation, effective training and sufficient resourcing are crucial to all aspects of business, so are a manager’s attention and prioritization of available resources – sound leadership – essential to cyber success.
As with many technological advances, cyber security continues to evolve. Computer behavioral forensics provides security from outside attack or a mole from within without constant updating and monitoring by IT personnel. When the last person leaves your business daily and the locks and alarms are set, is your computer network equally protected?
Bill Barns, MBA / Principal Analyst, and Colin Claus, MBA / Senior Analyst, are partners at Sonalysts, an employee owned company. They may be contacted at 757-490-3927. The company’s website is: www.sonalysts.com