According to a recent Security Week article, cyber situational awareness demands “an all-encompassing approach” to threat analysis, monitoring, and risk assessment, and that goes for anyone doing online business or even simple personal Web surfing. Internet intelligence, enterprise intelligence, and threat intelligence all play a significant role in this endeavor aimed at greater cyber safety.
Definitions need to be established, however, as the IT industry has not yet standardized the meaning of these terms, leaving many on both sides of the IT coin (clients and service providers) to make up their own definitions for what they mean. As broken down by Derek Gabbard writing in Security Week cyber situational awareness is three-tiered, and entails:
“Internet intelligence includes understanding the logical and physical landscape of global Internet assets most critical to the business; enterprise intelligence describes the landscape and activities occurring within the enterprise perimeter; threat intelligence is applied to all activities that could adversely impact operations, whether they are inside or outside the traditional perimeter.”
Some executives and enterprisers, however, especially in the private sector, hesitate to fully embrace this philosophy. Is this because they haven’t given the idea enough of a think-through? Still others seem to be set against adopting the capabilities required for true cyber situational awareness because they believe the responsibility lies solely with government agencies and with their service providers, rather than upon SMBs and other organizations who adopt cyber defense and safety standards for and by their own making, based upon the evidence at hand.
October is Cybersecurity Awareness Month
We should all breathe a bit easier, with October officially being cybersecurity awareness month and President Obama partnering with the National Cyber Security Alliance (NCSA) to generate a public awareness campaign they are calling “Lock Down Your Login”. According to the White House, 62% of successful data breaches could have been prevented by the use of more effective authentication systems such as biometrics or multi-factor authentication (MFA) or two-factor authentication (TFA) for logins. TFA increases security by requiring login parameters beyond just a password, and many email service providers and social media platforms now offer MFA or TFA as a free service to increase their own popularity and keep their users safe on the Internet at the same time.
The Threat of Public Networks
Cybercriminals are fond of hanging around Wi-Fi hotspots and looking for unprotected users whom they can exploit through public network infiltration. A good Internet safety tip is to avoid logging onto data-sensitive sites like bank accounts, email, or any site over which you would be sharing personally-identifiable information (PII) or payment card information (PCI) when you are at a Wi-Fi hotspot. If you absolutely have to, though, the use of a virtual private network, or VPN service provider enables data encryption, adding an extra layer of security to your private communications, making it harder for cyber crooks to try to pilfer your personal data.
The Importance of Employee Cyber Awareness
Over and over and over again we are seeing the IT and cybersecurity pundits sounding off about the huge importance of having workplace policies in use that stress cyber safety standards similar to OSHA standards for the manufacturing and construction industry. Run exercises, drills, have meetings, reinforce and reward cyber situational awareness, and your business organization will be many times cyber-safer for it.
IT Experts Answer the Cyber Safety Call
If you need further advice about cyber safety awareness, Spade Technology is a proven leader in providing IT consulting and cybersecurity in Boston and New England. Contact one of our expert IT staff at (508) 339- or send us an email at firstname.lastname@example.org today, and we can help you with all of your cyber safety, defense, and security questions or needs.