Blog Date: 8/25/2016
Author: Ray Coulombe

Cyber defense is a serious investment organizations are, or should be, making. But holistic management and organizational approaches often lag behind. Security models have grown organically over the years, but haven’t really adjusted to this new reality.

History shows that protecting assets has been primarily based around physical security, which does not sufficiently account for information assets. Assets were traditionally locked behind doors, walls, gates, and safes, not sitting unseen in a hard drives. Today, technology has enabled new ways, or vectors, for attacks to come from anywhere on the globe.

So what is to be done?

As a baseline, to combat global, cyber threats, information security and physical security must be incorporated in a coordinated counter strategy.

1. Streamline internal security operations
Cyber security programs should be integrated with physical security and based on common datasets, such as Active Directory, for needed authorizations to access information and gain entry.

2. Focus on all types of threats to enable rapid reaction
Security teams should support prevention of crimes regardless of its nature, whether its cyber, physical, information, social or insider-based. Policies and procedures should be known company-wide, with periodic training and testing. Enforce the belief that security is everyone’s business.

3. Create and sustain team spirit
Integrating formerly separate systems and teams is never easy. Clearly define the company process and security operations plan. Publish and discuss cyber security metrics prompting the team to stay oriented towards a cohesive goal.

4. Consider a crisis management team
Everything from natural disasters to terrorism to major disruptions in the supply chains can disrupt global company wellness. A crisis management team can help to mobilize support in local areas when disaster strikes. This should be based on a strong updated cyber and physical disaster plan.

5. Don’t ignore people and assets outside the facilities
Employees travelling away on business or visiting a local coffee shop with Wi-Fi present unique problems, whether they be personal safety or the security of information in their position. Have procedures for protecting both.

Other important assets no doubt exist within the company’s supply chain. Make this an integral part of the security planning process.

Through the integration of people, process, and technology, your company can maintain security holistically, and hopefully using your security investment in the optimal way.

Back to Blog List