Protecting your organization’s key data is more important than ever. Data breaches are on the rise. The past year saw significant public attacks including the exposure of personal information of as many as 500 million worldwide guests of one hotel chain, the theft of millions of social media users’ data and breaches at major Canadian banks and airlines.
Security issues not only impact an organization’s reputation – they can also carry financial consequences. In May 2018 the European Union passed the General Data Protection Regulation, which requires anyone storing the data of EU citizens to ensure that information is protected, or face significant fines. Similarly, Canada recently expanded its Personal Information Protection and Electronic Documents Act to require organizations to report security breaches, inform affected individuals and maintain security records.
The increasing complexity and frequency of security attacks will make 2019 a challenging year for IT professionals, but there are steps you can take to lower the risk of a successful attack. Below are some new year’s resolutions that can help you keep a handle on your organization’s security:
- Ensure security is part of your company’s culture.
Securing sensitive organizational information should be every employee’s job in 2019. Create security policies, make sure people understand them and hold employees accountable. You can reward behaviour that boosts security – such as spotting misplaced USB drives or unsecured laptops – to help keep security top-of-mind. You can also gamify security by creating teams, having them work on problems and handing out awards, making the security process more enjoyable and memorable for everyone.
- Develop an incident response plan with plenty of detail.
No matter how secure you think you are, security isn’t foolproof. If you already have a plan in place, make sure you’re rehearsing frequently in the new year, so you know your processes work. If you don’t have a plan, you should begin building one as soon as possible. You’ll need to develop procedures to help employees understand and identify cyberattacks; locate your sensitive data and the technology it relies on; assess the risks to your sensitive data and create recovery procedures to follow if an incident occurs.
- Invest in your team and solutions that help them do their job better.
Hiring and retaining skilled cybersecurity staff is difficult. Cybersecurity skills are in high demand and you need to do everything possible in 2019 to ensure your staff is well-compensated, finds their job rewarding and enjoys the company culture. Since staffing up is difficult and expensive, you should also invest in tools that help your existing employees do their jobs. And if you have multiple security tools, integrate them as much as possible to deliver a comprehensive security picture, and make everyone’s lives easier in the process.
- Automate wherever you can.
IT security staff often struggle to keep up with an increasing number of alerts. You can significantly boost the efficiency of your team in the year ahead by automating some processes using tools that leverage machine learning and artificial intelligence. For example, machine learning can detect patterns hiding in massive amounts of data and flag them to your staff, who can then design an effective response.
- Secure your cloud data.
Cloud providers are responsible for the security of their own infrastructure, but ultimately you’re responsible for the security of your cloud data. In 2019 you need to make sure you know what data you’re storing in the cloud, how sensitive it is and secure it by following the same security practices you employ with your on-premise data, such as encryption, strong passwords and multi-factor authentication.
There’s no way you can possibly predict and defend against every conceivable IT security attack. But by committing to improve your overall security, you increase the odds that your organization enjoys a cybersafe 2019. Learn more about how CDW can help you develop security solutions.