Alas, the Thycotic “2017 State of Cybersecurity Metrics Annual Report” indicated 58 percent of companies do not measure the effectiveness of their cybersecurity investments and performance against best practices.
- 80 percent of companies never measure the success of cybersecurity training investments.
- 80 percent do not know where their sensitive data is located and how to secure it.
- 80 percent fail to ensure their IT security policies are understood by employees.
- 60 percent do not adequately protect privileged user accounts.
- 32 percent are making business decisions and purchasing cybersecurity technology blindly.
- Teach employees about proper “cyber hygiene.”
- Implement a “least privilege” approach and culture.
- Ensure C-suite executives experience a “red team assessment” to identify and resolve cybersecurity issues before they escalate.
- Develop a cybersecurity plan.
- Back up critical data and systems.
- Test data and system restore capabilities regularly.
- Leverage identity and access management (IAM) technologies and other solutions to safeguard privileged accounts.
- Customize a recovery plan for different types of cyber threats.
- Track access to privileged systems and audit security logs.
- Use key business metrics to monitor cybersecurity successes and failures.
Thanks for reading this post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.
Denis S Wilson
I am President and Principal Consultant for DWP Information Architects: specializing in managed IT support for smaller, fast-growth companies in Greater Los Angeles. And have created cost-effective IT solutions, including managed IT support systems, for small business for over 20 years, specializing in cyber security and regulatory compliancy. I am also a published author and speaker, working extensively with organizations that include: the State of California, the Federal Bureau of Investigation (FBI), the Small Business Administration (SBA), SCORE, Women's Business Centers, and Small Business Development Centers. As well as providing small business technology education programs to business and professional associations.
Check out this white paper:
"Cyber Security Check List That Will Underscore Your Potential Business Risks"