Security Tips Provided by a Professional Hacker

"Cybersecurity is definitely no longer a server room issue," says David Finn, Executive Director at the Microsoft Cybercrime Center. "It's a boardroom issue." He notes that on average, it takes 243 days before an organization even knows that it was penetrated by a cybercriminal.

Today, when one in five businesses are the target of a security breach, bad things are inevitably going to happen. That's why looking at your organization from "the bad guy's perspective," says Tiffany Rad, is crucial. Rad is rated one of Bloomberg's top "white hat" hackers (computer specialists who break into protected networks to test security and advise organizations on improvements).

One of the most difficult things in Rad's industry is protecting against insider threats. But she notes there are products entering the market that have "an algorithm to check for abnormal patterns, when it looks like someone's going to sites perhaps that they shouldn't be during working hours or they're on different hours than normal."

In terms of external threats, there's a lot of attention on protecting businesses as they move to the cloud. Ken Biery Jr., Verizon's Managing Principal of Governance, Risk and Compliance, explains that it's important to provide physical and logical security. Rad agrees, noting that in addition to firewalls and antivirus software, protection against malware is critical as more and more hackers look to steal intellectual property to give themselves or your organization's competitors a heads-up on what your organization is planning.

You're "only as safe and secure as your weakest link," says Finn, admitting that when you rely on the cloud, "you trust that an organization is going to invest enormously in your security."

But, as Biery sees it, "the good thing about a lot of the cloud providers that are out there is their default security, and the security they built into their environments are often better—especially for small and medium businesses—better than what they could do themselves."

Biery also points out that companies need to stay in control with the advent of BYOD (Bring Your Own Device). With mobile device management, "you can take and keep your sensitive information in an encrypted container on that employee's phone. So it kind of exists as its own virtual machine in that environment," he says, explaining that you can delete access and the encrypted container without affecting personal data such as photos.

The bottom line, agree the experts, is that companies of all sizes need to amp up protection. Even if you think your business information isn't of interest to others, Rad assures us that there will always be hackers that find your digital footprint interesting and will do something with it—if only because they can.
Need insurance for You, Your Family or Your Business?
We can match you to a qualified, local insurance expert!
Further Reading
"Cybersecurity is definitely no longer a server room issue," says David Finn, Executive Director at the Microsoft Cybercrime Center. "It's a boardroom issue." He notes that on average, it takes 243 days before an organization even knows that it was...
The professional references you include on your resume should be people who can give you a positive referral. You may think your former bosses, supervisors or managers are on the same page with you, but what happens if they don't have your best inter...
Selling your home can be a stressful undertaking that necessitates a considerable amount of expertise and patience. Most people eventually learn that, when dealing with some of life's larger issues, it is best to seek the advice of professionals. For...
A project architect or engineer typically carries responsibility for the design of a house, high rise or other structure. However, contractors now also play a role in project design and may be liable if something goes wrong. Consider the benefits of ...
Although most workers accept responsibility for financing their retirement and rely primarily on their 401(k) plans to get them there, many workers aren't sure that they can manage the 401 k plans effectively, according to a Schwab Retirement Plan Se...