SecurityInfoWatch.com on Ways to Protect Your Organization’s Data, Improve Cybersecurity
Hikvision Offers Cybersecurity Best Practices, Tips to Avoid Phishing, Malware
In the SecurityInfoWatch.com (SIW) article, “Don’t let poor data security become your organization’s biggest liability,” the author offers advice to help organizations better protect their data from security breach, and be more data resilient if hit with a malware attack.
From the article: “As the amount of private and confidential data grows, compliance should no longer be an option, but a requirement. At the same time, cybercrime is evolving to become more sophisticated and unpredictable. WannaCry, one of the most notable ransomware strains of 2017, targeted computers running on older Microsoft Windows operating systems. It was a new variant of malware that automatically spread itself, installing backdoors onto infected systems and infiltrating users’ computers through the network, bypassing the usual step of the user opening an email. Early in 2018, ransomware attacks against Atlanta and Baltimore disrupted critical emergency services and resulted in the loss of critical data.”
How to Protect Data When Dealing with Ransomware
Ransomware is a cybersecurity attack that uses malware to exploit a system vulnerability. According to the article, the U.S. Government’s Department of Homeland Security (DHS) made recommendations that organizations implement best practices such as provide employee security training, update software in a timely manner, and perform frequent data backups.
The article also offers three strategic actions organizations can take to improve data recovery after a malware attack:
- Use data backup and recovery plans to ensure resilience if a ransomware attack were to occur
- Employ data access management and encryption to minimize the effect of malware
- Store data in multiple locations in different geographies to improve data recovery and resilience
Employees and Data Security
Referencing Coca-Cola’s data security breach due to unauthorized employee access, the author recommends the following actions to improve organizational control over data:
- Develop an internal policy that requires “access limitations across the organization, which only grant data access to the roles requiring the data in a usable format to perform their jobs.” Ensure that you select a solution that offers the ability to set up these role-based permissions.
- Create a culture of security that includes “organization-specific best practices for sending, opening and saving files.”
More on Data Control
The cloud and GDPR present new opportunities to improve the way data is handled, stored and protected, according to SIW. To meet regulatory standards and to improve cybersecurity, the author recommends a strong industry-standard encryption such as FIPS 140-2, cryptographic policy enforcement, data destruction, access auditing and integrated key management.
To read the full article, click here.
Hikvision Offers Cybersecurity Best Practices
Hikvision has offered cybersecurity best practices for partners to reduce risk of security breach and minimize concerns. Efforts have included the following cybersecurity initiatives:
- Hikvision’s dedicated Cybersecurity Hotline
- The Source Code Transparency Center
- Online Cybersecurity Center with firmware updates
- U.S. and Canada cybersecurity road shows that taught best practices to partners across multiple cities
Hikvision also recently announced its achievement of the U.S. Government Federal Information Processing Standard (FIPS) 140-2 Level 1 certification, an encryption standard created by the U.S. National Institute of Standards and Technology (NIST) for its encryption module (HikSSL) to be used in both IP camera and NVR products.
In addition, Hikvision has written numerous cybersecurity blogs with best practices, tips and insights. Visit us online for more.