3 Cybersecurity Management Resolutions for 2016

It’s becoming an annual refrain, but the previous year was another bad one for cybersecurity. High-profile breaches exposed alarming amounts of protected data, and new hacking technologies/techniques effectively outsmarted many of the defenses put into place. It’s clear that things have to get better in 2016. With that imperative in mind, all cybersecurity managers should commit to making these three resolutions:

Figure Out the BYOD Problem

The threat of mobile devices contributing to a security breach is widely acknowledged. But even as the ubiquity of these devices has ballooned and they have increasingly been used for work purposes, many enterprises still do not have an effective BYOD policy in place. The first step is to develop the policy, but after that it’s essential to monitor, review, and analyze its efficacy and make revisions as necessary. Mobile security is going to be a battleground for many years to come.

Get Real About Insider Threats

All of us, even cybersecurity managers, tend to think that the biggest threat to IT comes from well-organized groups of hackers huddled around a bank of computers in some shadowy remote location. That makes for a dramatic villain, but the real culprit you need to be worried about is sitting in front of a computer in your own office. A 2014 report published by IBM revealed that 95 percent of all the security threats the company investigated involved user error. No system is safe when the average user can make it vulnerable.

Invest a Lot More in Training

Both of the previous two entries reveal a truth that needs to be on your mind throughout 2016 – most people don’t know or care enough about cybersecurity. If they did, a large number of the most time- and labor-intensive problems you deal with would disappear. That is why training must be a priority throughout the coming year. This training needs to be comprehensive, face to face, and ongoing. It should focus on broad best practices while also including security strategies that are tailored to individual positions/departments. In addition to training, encourage your employees to report suspected vulnerabilities or attacks without fear of punishment. A 2014 research report found that the cost of security incidents was reduced by 76 percent when employees underwent training.

Even with these new measures in place, 2016 is sure to be an active year in terms of threats and attacks. Now is the time to review your staff and look for skills gaps, weaknesses, and areas of understaffing. If you find that you lack the necessary cybersecurity professionals to keep your company safe, contact The Squires Group.

