I always remember Donald Rumsfeld’s slightly crazed interview about the threats the US faced in the post 911 world. What sounded at first like the ramblings of an idiot in 2002, and earned the then US secretary Of Defence the Plain English Campaign’s annual Foot in Mouth award, now seems to me to be a prescient reminder of the security threats in a digitally connected world. Like the apocryphal “you don’t hear the bullet that gets you” the phrase about “known unknown” and “unknown unknown” threats is worth remembering.
Given the levels of hype and news coverage all IT managers are aware of the known Cyber Security threats and most will have done something about them. If business leaders weren’t concerned about the reputational threat from a data breach they are now. New legislations forcing all European businesses to report breaches is certainly focusing their minds on this issue. But how do you address the “unknown unknown” Cyber Security threats as this is the one that will probably get you?
One way is look to keep up to date with best practice. The National Cyber Security Centre is a good source of information their 10 steps to Cyber Security is a good place to start. Another option is to engage a Cyber Security consultancy to carry out an Audit of your defences.
Unfortunately Cyber Security is not a task that can ever be ticked off your to do list, it requires a constant state of vigilance and constant updating of your understanding to minimise the “unknown unknowns” . Something will eventually get through your defences, or emerge from within your organisation as this is often where the greatest threat lies, so you will need to prepare for the inevitable and continuously review your Disaster Recovery policy as a part of your Cyber Security vigilance. These threats are here to stay, they are an inevitable consequence of the mobility and digitally connected world we have created but the risks can be mitigated if we keep looking for the “unknown unknowns”
You can’t stop all attacks but you can reduce their impact and ensure a rapid recovery if you are hit. Take our free online cyber security survey now.
This blog has been written by Steve Bailey, MD AIT Partnership