|
I bet you didn't know that Barack Obama was a cyber security expert.
The popular American President has been many things throughout an impressive career: community leader, best-selling author, political machine. And on further analysis of some of his statements he's made over the years, it's clear that he's got network security and online protection for business on the brain. To demonstrate:
"Effective international police actions require the highest degree of intelligence sharing, planning and collaborative enforcement."
Obama recognizes that if we're going to take out the cyber criminals, we're going to have to take out their sanctuaries.
On a local level, this means ensuring that our own systems and those of our business partners are covered by a range of security measures we've often talked about in Cyber Security Informer: network security audits, regular web code reviews, professional firewall configuration, patching and updating of systems and all of the other little things tha companies big and small must do. The bad guys mustn't be allowed to operate from our own territory.
He's also talking about the international situation. Hackers and phishers can operate from certain countries far away from North America without fear of getting caught, much less getting punished. Really sticking it to the bad guys will require an unprecedented level of international cooperation and knowledge sharing. In the short term, it seems unlikely. But leave it to an American President to make grandiose statements about taking down the cyber-terrorists.
"Money is not the only answer, but it makes a difference."
Obama has clearly been in on more than a few IT department budget meetings. When it comes to protecting your customers' information, throwing money at a problem isn't necessarily the best option.
But some elements of effective security do cost money. A professional Network Security Assessment or Web Security Assessment that helps you keep your vulnerabilities locked down isn't free. But the judgement companies investing in security have to make is that this budget outlay will help protect the company's revenue stream and also avoid the cost of a data security breach; typically many times the cost of proactive security.
A stimulus package for security can help your company's economy in the long run.
"I don't care whether you're driving a hybrid or an SUV. If you're headed for a cliff, you have to change direction."
Obama is making a point here about the difference between the technology you choose and the processes you have in place for protecting your customers' information, avoiding the cliff-diving disaster of a data breach.
For instance, privacy policies aren't just boiler-plate placeholders on your website - these are rules that will actually help keep private data out of the hands of cyber criminals.
The brand of firewall you have in place or the type of anti-virus software you're using can be secondary. First you have to make sure you've got clear direction for your company and employees in terms of protecting what's important.
"You know, my faith is one that admits some doubt."
Here, Obama is talking about business owners doing their best to implement cyber security while recognizing that there is no such thing as a 100 per cent solution.
His statement is a reminder that business owners and managers need to take on data privacy and security measures with the knowlege that the game is about mitigating risk, not eliminating it entirely.
Do what you need to do to protect your network and lock down your web applications. Talk with your experts to monitor and ensure that your security measures are configured correctly and patched. And if you do that, your business may have earned the right to the audacity of hope.
Cross-posted from Cyber Security Informer April 7 2009
Vaclav Vincalek
Pacific Coast Informer Blog
Posted April 9, 2009
Categories:
General
Security
Comments
Add Your Comment
|
