Spring has Sprung: A CISO’s Guidelines for Organizational Spring Cleaning

Mar 23, 2017

Winter is finally over and spring is in the air. If you’re like us and prefer warmer days, in preparation for spring, we compiled a CISO’s checklist. Throw your broom away and replace it with a pen and paper to be sure you’re following these guidelines:

1. Freshen up your cybersecurity knowledge base: Are your employees cyber educated?

Employees who lack cybersecurity awareness, may open the door for cyber criminals and cause data breaches and ransomware attacks. Most of the time, employees are oblivious to potential cyber threats. Therefor it is highly important to raise their awareness when it comes to cybersecurity risks and security precautions that they can take. Make sure your employees are aware of the fact that each and every one of them can be a potential target, from the top level all the way down, including the IT department. Employees should be taught how to recognize a potential malicious email, link or attachment and send it to IT to be inspected. Ways to raise awareness include: Conducting cyber safety training of suspicious emails and educating them about falling victim to social engineering when providing personal information on the phone or social media.

2. Every cleanse needs a brush up: How strong are your passwords?

Be sure to invest in password managers and two-step verification. Set up a password policy in order to ensure that your employees change default passwords, use different passwords for different platforms, change their passwords periodically, and store their passwords in a safe place. Educate them to avoid the all too common passwords (such as ‘password’ or 123456) that are easy to hack.

3. Dust off your data security habits: Are your organization’s “crown jewels” protected?

Delineate with your IT team where and how your enterprise’s most sensitive data is stored. How well is it encrypted and protected? Who has administrative privileges and what verification methods are being used on those who have access to it? For more information on how to protect your valuable data from criminal cyber activity, read our post on cracking down on cybercrime.

4. Brush up your C-Suite: Are they and the board involved and aware of the risks?

Your organization’s cybersecurity “health” is no longer confined to IT. Hacks have financial, legal, reputational, and operational implications. As a result, cybersecurity has also become a matter for senior management and the board. This has shifted the role of the CISO from technical leader to risk management advisor. Make sure to share with your C-Level managers and directors the challenges that your organization face. Educate them about the implications and trends of the latest cyber-attacks and threats, as well as best practices and the new solutions of how to avoid them.

5. Refurbish your cybersecurity solutions: Are you effectively handling rising threats?

The cyber-attacks and hacks we’ve witnessed in 2016 are revealing an increase in Advanced Persistent Threat (APT) attacks, attacks on mobile phones (which are putting companies with BYOD policies at even more risk), ransomware attacks and more zero-day malware threats and attacks. As you keep up with the news, analyses and reports, make sure you are equally updated about the new solutions that become available on the market. Deep Instinct is the first company to apply artificial intelligence deep learning to cybersecurity. With an innovative technology at its core, Deep Instinct offers solutions for the new cybersecurity ecosystem: instead of just identifying and alerting about threats, zero-day and APT attacks are blocked in real-time on endpoints, servers, traffic, and mobile devices before they can cause any harm. Click here to learn more.

As cybersecurity continues to play a vital part in every business in general and in your role in particular, it is essential for you to stay on top of your game. Make sure to sweep away and scrub off any security risks and replace them with a clean and effecive cybersecurity solution.

New Call-to-action