Just as public health advocacy has moved from reacting to disease to emphasizing prevention, businesses and individuals needs to make this juxtaposition for cyber attacks. Most companies’ cybersecurity strategy is reactive – triage to contain damage. The new way forward is to ensure cyber wellness, which is a proactive stance to prevent and respond to attacks.
Business leaders, from start-ups and small businesses to large privates and multinational public companies, are yearning for a paradigm to manage the risks and rewards of technology today and tomorrow. This topic isn’t reserved for business leaders – it’s rightly also of concern to them as private citizens themselves, and also for their employees and their customers.
Today people can be tracked easily — and knowingly — from their mobile phones or Fitbits. But they can easily be tracked, perhaps unknowingly, from devices like a car, a watch, a TV, a pair of sneakers, a hearing aid, and even a child’s Barbie doll or skateboard. The attack surface will dramatically expand further with Internet connectivity touching everything from light bulbs, alarm systems, appliances, planes, pacemakers, and beyond, positioning themselves vulnerable to manipulation.
A cyber wellness program is advised because new threats are emerging as technology continues to get embedded in personal lifestyles and workplaces.
What to do: Consider how predictive weather data enables coastal areas to initiate preventive measures before a tropical storm arrives. Cyber wellness functions the same way; it doesn’t wait for an attack to happen. Intelligence and threat assessment data should be used to create active learning scenarios to deepen employee cyber knowledge/training – as well as to provide flashing updates.
These are the initial steps to take; perform an initial vulnerabilities assessment, create a prioritized cost/benefit remediation plan, determine if approach and security strategies meets best practices, and evaluate your current spending relative to the value of the assets protected.