5 Cyber Security Considerations Your Company Should be Making
by Kate Rodgers | March 22, 2017
You may think you have a handle on your company’s cyber security, but 87% of board members and C-level executives say they lack confidence in their companies’ levels of cybersecurity (Ernst and Young). When it comes to cybersecurity, there is a world of unknown and knowing where to start is half the battle.
After hearing from BioForward’s cyber security panel with experts from Ernst and Young and Reinhart Law last week, it became apparent that many companies do not realize the importance of cyber security regardless of their company size or industry. When it comes to biohealth companies, especially digital health companies, cybersecurity is vital in building a successful business and gives you the competitive edge.
So, what cybersecurity considerations should your company be making?
1. Understanding the Cybersecurity Landscape
A cyberattack is a matter of ‘if’ not ‘when’, with companies who think they’re low risk often being the ideal targets. Each organization has data that is valuable to hackers whether it be R&D data, medical records, financial record, client information, or internal documentation. Since absolute prevention is no longer a realistic approach to cybersecurity, preparedness and detection methods are essential and can be broken down into a four-step cycle: complicate, detect, respond, recover.
2. Determining Where You’re At: Data Risk Assessments
To know where you’re going you must understand where you’re at, and cybersecurity is no exception. The first step is assessing where your data is, how it’s controlled, and what your vulnerability is as an organization. A current state assessment may be timely, but it will allow you to rate your risk and decide how to best allocate your resources for cyberattack prevention and recovery.
3. Cybersecurity as an Enterprise Endeavor
David Shade of Ernst and Young explained cybersecurity as an ‘enterprise endeavor’, stressing the importance of involvement from the executive level when instilling a cyber-aware company culture. Employees are often a weak link in cybersecurity, with posting at work giving hackers an easy access point into their system, so internal training can go a long way for your company’s cybersecurity and finances. Heather Fields of Reinhart Law stressed that even innocent details shared on social media can give hackers what they need to launch a more sophisticated attack.
4. Finding the Weakest Link: Liability and Ecosystem Risks
The easiest way into a company is careless employees and affiliate companies in their ecosystem. Your organization may be a stepping stone to a larger target, or inversely, hackers may be getting into your system via a smaller partner organization. Justin Webb of Reinhart Law reminded us that attacks always hit the weakest part of your security, so you must be aware and assess those companies that have access to your networks. Understanding your business ecosystem, how data is shared and stored, and where liability falls in the case of a data breach is essential for having a good grasp on your cyber security situation.
5. What’s Next? Moves in the Right Direction
Whether you’re a startup or large organization, now is the time to strengthen your company’s cybersecurity. Understand your risks and go above and beyond required legal compliance for increased security and competitiveness. Create a plan for implementing your organization’s cybersecurity strategy and continuously work towards improving your efforts. Focus on protecting the information rather than the infrastructure, securing your data should be the number priority. Only store data that you need access to on your computer, secure the rest in a separate drive or location. Finally, focus on strengthening each step of the risk-management cycle: complicate, detect, respond, recover.
Ready to take the first step towards a more cybersecure company? Reach out to panelists from BioForward’s event for cybersecurity expertise. Want to stay in the loop on Wisconsin biohealth news, networking events, and educational forums? Join BioForward’s weekly newsletter here!