Will your organization end up on the CISO’s Naughty List this year?

Nov 20, 2017 | Security-GRC

The holidays are fast approaching, and your organization could be making some serious mistakes that will surely put it on Santa’s naughty list.

Not only will these whoopsies put your company on the CISO’s naughty list, but they can result in stolen data, diminished customer confidence, reputational harm, compliance penalties and legal fees. So to help you avoid getting coal in your stocking this holiday season, and to make 2018 a happy new year, we’ve put together a list of mistakes you can avoid.

Check your list and check it twice for these naughty behaviors:

Denial – Believing a breach won’t happen to you is one of the worst mistakes you can make. The reality is, a breach can happen. It happens every day to companies just like yours. I’m sure Equifax will be on the naughty list this year … don’t let that be you.

Not testing your employees – KnowBe4 states that 16% of people who open a phishing email click on the links the email contains. What’s the number at your organization? (You don’t know?) Test it and train and coach your team so you get better and better.

Overlooking Shadow IT – Between 90 and 95 percent of the Cloud services in use discovered by Netskope monitoring are unsanctioned services. Here are 6 reasons you should add a CASB to your Cloud Ecosystem.

Using a “silver bullet” approach to endpoint protection – This isn’t Halloween … there’s no silver bullet that will kill the werewolf, or in this case, the viruses and malware that are lurking behind your PC screen. To get that “nice list” status with Santa, you will need to ramp up your efforts and ensure each endpoint is protected with layers of armor.

If all else fails, give Santa’s elves a call. ASMGi can help you revive your security program and prep you for Santa’s nice list.

Four ways we can help:

  1. Penetration testing so you can make sure you are ready for a break and holes in your system are remediated.
  2. Security Awareness training. From creating a custom training program to providing continuous testing, we can help.
  3. Get control of your Cloud. ASMGi works with clients to help choose the appropriate service that works practically in their environment.
  4. Stop with one-off solutions and revise your program. We can help you develop a layered approach to security. Using several different security solutions that work together will reduce your attack surface as opposed to only relying on one solution that may open you up to risks.
