Politics and cyber threats are inextricably linked in 2017’s cyber threat landscape. Political drama can serve both as justification for cyberattacks and as a distraction that can make governments and organizations more vulnerable.
The recent, inconclusive debate about whether the WannaCry ransomware was a well-timed North Korean nation-state attack illuminates both sides of the coin. But whether Pyongyang is behind the WannaCry ransomware or not, it had a devastating global impact.
Regardless of political views and stances, there’s no debate about one thing: the threat of cybercrime is growing in both magnitude and diversity. Every agency, organization and individual is a target. And one headline after another proves that “security by obscurity” is no security at all.
Surviving Cyber Threats 2017
With so much cyber-hype in the media, and so many exploits on the loose, how should businesses view and respond to today’s cyber threat landscape? Simple: put your trust in what works.
Adopt a Security Standard
No matter what the US government is up to or what the latest mega-hack looks like, the best defense is to prepare your organization by leveraging an international InfoSec standard or framework such as ISO 27001. This will allow you to understand your security baseline and continually, pragmatically improve your security posture to resiliently defend against opportunistic threats, “come what may.”
Collaborate with Industry Peers
Another benefit of alignment with an accepted InfoSec standard like ISO 27001 is it can put your business in a position to collaborate with industry peers on best practices, to collectively or systemically improve security. Financial Services is just one example of a vertical where firms are interconnected and collective outreach can help reduce everyone’s risk.
Streamline Regulation Compliance
Further, alignment with a globally recognized standard can streamline compliance with new regulations that may arise both domestically and internationally in response to emerging threats. Organizations with a global footprint may face not only a broader spectrum of attacks but also a broader spectrum of regulatory mandates and guidelines. One-stop shopping for your InfoSec controls can help reduce cost and complexity while also keeping your security posture more consistent—and more consistently verifiable.
Few would argue that we’re living in interesting times. It’s never been more vitally important for organizations and individuals to explore their options and gain assurance their sensitive and/or business-critical data and systems are as secure as they can realistically be.
Against the current geopolitical backdrop, there’s no better feeling than knowing that your particular piece of the puzzle is “demonstrably secure,” and that you have a process in place to keep it that way.
Now is not the time for guesswork, half measures or “hope as a strategy” in the realm of cybersecurity.
Talk to a Cyber Threat Expert
If you have questions or concerns about your organization’s InfoSec risk profile, or just want to get an independent take on your issues and options, contact Pivot Point Security.
For more information:
- Steps for preventing the WannaCry ransomware attack
- Thoughts on how cybersecurity has become a political football
- Predictions for how the dynamic between government, politics and cybersecurity will shift in the near-term
- The WikiLeaks Vault 7 CIA Leak: What Businesses Need to Know and Do
- Does size matter in cybersecurity?
- The danger of over-hyping cyber threats
It’s a process made up of things you already know –
and things you may already be doing.