Cyberwarfare is the New Normal

Protect Your Data with Seven Critical Steps

Long gone are the days of traditional warfare. Today actors across the globe are training for the battlefield of the digital age; one that’s not staged on land or sea, but rather online. Soldiers who participate in this new warfare do not need planes, cannons, tanks, firearms or even bullets — only access to the Internet and the smarts and the motivation to do harm.

To achieve strategic advantage, states are training their online armies to be digital masterminds in hopes they will gain the upper hand in cyber warfare by stealing information, exposing vital secrets and gaining the ability to wreak havoc on their adversaries. Other malicious actors also may engage in these activities for a combination of monetary, state, religious and philosophical reasons.

We’ve already witnessed this new, sophisticated combat in action: Russia’s meddling in the 2016 U.S. presidential election, cyberattacks against industrial control systems for power grids in Ukraine and the WannaCry attack, allegedly staged by North Korea.

While this kind of high-stakes, ultramodern antagonism might seem only imaginable in Hollywood cinema, it’s an alarming reality the entire world faces in 2019. And to be clear, your firm gets no exception.

In fact, in a recent survey by Tech Pro Research found only 28% of 248 respondents said they have not been a victim of some form of security attack. Meanwhile, 86% said they were highly or moderately concerned with cyberwarfare attacks more than they were with general security risks.

So how do you protect your business in this new area of cyberwarfare? You start with a  establishing a risk management program, says TalaTek President and Founder Baan Alsinawi.

“Risk management is critical to forming the basis of a sound and strategic cybersecurity program for organizations of all sizes. It is best accomplished through an initial risk assessment where data is identified, categorized and ranked according to the perceived impact on an organization should its data be exposed, lost or stolen,” Alsinawi said.

At a minimum, organizations should take the following 7 steps to protect their data:

  1. Set up multi-factor authentication for users accessing your network.
  2. Utilize access control to manage who gets access to what data.
  3. Use encryption to protect data at rest and in transfer.
  4. Enable access to secure, encrypted backups.
  5. Manage your vendors and partners accessing your systems.
  6. Be sure to have in place disaster recovery and continuity of operations plans.
  7. Engage cybersecurity frameworks and other regulatory controls to manage and monitor systems.

Following these seven steps should be the minimum requirement for any firm operating online, given the sophistication and ever-growing threat of digital foes in this modern world.