Business Continuity NewsBriefs - August 2, 2017
These NewsBriefs are produced and delivered weekly by Attainium to keep our friends and clients current on topics relating to Business Continuity, Disaster Recovery and Crisis Management.

Cyber Issues

August 2, 2017 - As the quote in this issue indicates, cybersecurity is no longer just the purview of the IT department. Everyone in the organization -- from the C-suite down -- is responsible for some aspect of this problem. This issue looks at cybersecurity from various viewpoints and even provides information on adding cyber scenarios to your business continuity exercises. Try it!

QUOTE OF THE WEEK
"As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace."
-- Newton Lee, Counterterrorism and Cybersecurity: Total Information Awareness --

1. 10+ Critical Corporate Cyber Security Risks - A Data Driven List

Internet-delivered attacks are no longer a thing of the future. They're an impactful reality, albeit an untouchable and often abstract one. It would seem that only those with serious tech skills truly grasp the severity of the issue, but these people can't fix the problems by themselves. That's why everyone who works for a company or helps run it should read this article.
https://heimdalsecurity.com/blog/10-critical-corporate-cyber-security-risks-a-data-driven-list/

2. Creating a Culture of Cybersecurity at Work

Security awareness is foundational to creating a culture of cybersecurity. While technologies are evolving to stop advanced attacks, the human element is essential to protecting data in the workplace. Attackers realize that it is easier to gain credentials through social engineering than to crack security defenses.
http://er.educause.edu/blogs/2015/10/creating-a-culture-of-cybersecurity-at-work

3. Train Your Employees

The best security technology in the world can't help you unless employees understand their roles and responsibilities in safeguarding sensitive data and protecting company resources. This will involve putting practices and policies in place that promote security and training employees to be able to identify and avoid risks.
https://staysafeonline.org/business-safe-online/train-your-employees

4. No more excuses: cyber security must be a C-suite priority

Digital technology has fundamentally changed business practice over the past decade. Cloud based applications dominate, workers routinely access corporate information remotely via smart phones and access to the corporate network increasingly includes supply chain members, contractors and part time workers. Yet cyber security has failed to keep up: and some of the responsibility has to lie with the C-suite.
http://www.continuitycentral.com/index.php/news/technology/1346-no-more-excuses-cyber-security-must-be-a-c-suite-priority

5. Seven tips for successful cyber exercises

Organizations are increasingly focused on understanding the impacts a cyber attack could have on their operations and reputation. Many are now using cyber scenarios in their crisis exercises to test and validate their assumptions on how they would respond and reflect on the unique challenges a cyber attack could bring.
http://www.continuitycentral.com/index.php/news/business-continuity-news/1010-seven-tips-for-successful-cyber-exercises

6. Insider Threats as the Main Security Threat in 2017

What is a security threat caused by insiders? It is true that cyber security threats, such as malware attacks, hacking, denial-of-service attacks and ransomware, are much more frequent than insider attacks. It is true until you look deeper, that is.
https://www.tripwire.com/state-of-security/security-data-protection/insider-threats-main-security-threat-2017/