Security Lessons From The T-Mobile Hack

The National Cyber ​​Security Alliance found that 60 percent of companies are unable to keep their businesses open six months after a cyber-attack. It should be obvious by now that security threats should always be a high business priority, and in most cases, cybersecurity should Faulty prioritization is one of the reasons why we often see cybersecurity technologies failing organizations. While every organization is different and has different needs, in an ever-evolving threat landscape where attacks can come from anywhere at any time, cybersecurity programs must always lead the way and be built for modern and novel attacks. If your cybersecurity program is not leading then it is probably bleeding, and will unravel when a nefarious event happens.

Cybersecurity is not for the faint of heart. Foremost, good cybersecurity requires tremendous organizational will, but it also requires disciplined efforts, heightened knowledge, an investment in resources, proper planning, a budget commitment, a structuring of operations, a mission statement, and a vision. If the organization does not have what it takes, then it needs to find a partner that has mastered this.

IoT and Mobile Incidents

There is an unsettling feeling that comes from the news of a major breach, especially when the affected brands are technologically focused. Last summer, we spoke of an incoming IoT winter when the news of a breach at Peloton hit the press. Stories of cyber hacks We are only at the beginning of this winter and the reason for that is that cybersecurity continues to be a business afterthought for high-flying tech companies.

Nascent IoT companies are not alone. Last year, T-Mobile, one of the most popular mobile phone service providers in the US, was the victim of a major data leak. Significant data was lost to the tune north of 7.8 million existing customers and 40 million records from prospective and previous customers.

While the damage did not directly include financial data, the consumer impact of the breach serves as a sign of the uneven nature of cybersecurity practices that exist throughout the industry. Consumer credit companies such as Experian have notoriously lost troves of data to a major breach. Of course, the state of cybersecurity practices has hopefully improved in all those organizations, but it is fair to point out that all these organizations had some form of traditional enterprise cybersecurity in place at the time of incident. That traditional cybersecurity mentality missed and will continue. to miss.

Living on the Edge of Threats

Whether you are consumer or a business, we are all constantly living on the edge of a cyber threat abyss—whether we know it or not. Hackers work at such a ferocious speed of evolution and scale that it requires us to always be on an equal. and greater posture of cybersecurity capabilities. If an organization does not prioritize security and have it at the core of their mission, then it is difficult to imagine that organization is working on the edge of the latest security.

Mobile technology companies did not build themselves on cybersecurity, but they have slipped into a position where security is an expectation. IoT companies, the kind that want connect your toasters to the web, cannot moonlight with cybersecurity. Someone needs to focus on cybersecurity as a core mission for these organizations if we want to keep our data safe.

Slipping on Security

The biggest cybersecurity gap is known as complacencyWhen a business network has not been breached recently, it is easy to carry on with the same outdated security measures. It is almost natural to lose focus, but under these conditions it is only a matter of time until sensitive customer data is in the hands of a cyber criminal.

Organizations that wish to be secure and address risks must structure their security from the foundation upward. This can be a difficult task to execute when the core of the company’s products and services are sourced in market velocity and technical novelty. This is where companies should seek. help from experts that live and breathe cybersecurity.

Structuring a Cyber-Security Strategy for Business

Based on Maslow’s hierarchy of needs, we all want a safe and secure physical and virtual envirment. We also happen to all like convenient devices and the ability to check in on our Wi-Fi enabled crock pots. So let us please build these capabilities right ..

We must analyze components of where the data is, what the data is, what data is valuable, who can access it, why, and when. We must also consider For example, you probably don’t need non-customer data that is seven years old, as was reported in the T-Mobile incident. If necessary for any reason, it should be as highly secured and inaccessible as possible.

Moreover, we must build on the concepts of comprehensive security. The mission of this approach is to address the spectrum of compute, endpoint, application, and user resources with full awareness. In essence, security protocols for every organization must be universal and the protocols The protocols include system and application updating, service and security assurance, intelligent protections, and many other components that are a part of the comprehensive security approach. In most cases, these services are best proctored to industry. partners that are specialty focused on secure systems and compliance.

..

Leave a Reply

Your email address will not be published.