Share this article
Share this article
Most countries employ an army to protect their territory, and companies have locks on their property and even security guards. As the world becomes more digital, companies without a cybersecurity framework look like they’ve left their door wide open. Cybercriminals are taking advantage of these vulnerabilities wherever they can find them. It is essential to design a cybersecurity framework built around several key elements to combat this risk.
The US National Institute of Standards and Technology (NIST) has worked with government, private-sector companies, and academics to create a cybersecurity framework. The NIST cybersecurity framework aims to protect critical infrastructure services such as power plants, hospitals, and financial institutions. It is crucial to ensure the delivery of critical data to this infrastructure to prevent the “debilitating impact” of a cyberattack. Beyond improving critical infrastructure cybersecurity, the NIST suggests that organizations in any sector can implement their framework.
The framework is organized according to five core functions:
ISO 27001 and 27002 is another popular cybersecurity framework. This framework requires a company to invest in implementing these measures to obtain certification from the International Organization for Standardization (ISO).
While Symantec is a household name due to its history as anti-virus software, you may not have heard of many other top cybersecurity companies. Hervajec group, KnowBe4, and DarkTrace are the top 3 companies rated by the University of San Diego in their list of top 100 cybersecurity companies. Let’s take a closer look at each of the 3.
This Toronto, Canada-based Herjavec group offers security workshops, equipment assessment & training, and technology architecture & implementation, among others. They also partner with major technology providers like McAfee. Herjavec’s CEO Robert Herjavec has been a host on US reality show Shark Tank and Canadian show Dragon’s Den.
Florida-based KnowBe4 offers security awareness training, anti-phishing software, and a platform for managing GRC (Governance, Risk Management, and Compliance). Their focus is on the weak links that employees pose in the cybersecurity chain. KnowBe4’s phishing simulation software trains your staff to recognize fraudulent emails.
London-based DarkTrace uses AI to detect and respond to cyber threats facing businesses and industry. DarkTrace trains its AI to recognize the “normal” of your IT system to identify the occurrence of threats like phishing attacks or ransomware. This custom AI solution is packaged into either the “Enterprise Immune System” or the “Industrial Immune System.”
In many countries, cybersecurity law has become more strict in recent years. This push is in response to greater awareness of threats and in an attempt to dissuade hackers.
In the United States, there are multiple federal cybersecurity laws. The 1996 Health Insurance Portability Accountability Act (HIPAA) and the Graham-Leach-Biley Act (1999) have sections focused on data security in healthcare and the financial industry. The Federal Information Standards and Management Act (FISMA) established stronger cybersecurity protections for the federal government. This manual by the Justice Department denotes cyber crimes under United States Law and their punishments.
In the EU, the European Agency for Cybersecurity (ENISA) is the primary agency for cybersecurity. Laws include the NIS Directive (Directive on Security of Network and Information Systems), the EU Cybersecurity Act, and the GDPR (General Data Protection Regulation). The NIS Directive aims to harmonize national cybersecurity capabilities and increase cooperation among EU member states. GDPR has become famous for the requirement that websites ask for visitors’ consent before using their data. This web page notes cybercrime laws in the EU, how they are investigated and what agencies participate in investigations.
Governments have been aware of the threats posed by cyber warfare for years, but cybersecurity risk has been neglected in the business environment for a long time. Still, it is only recently that small and large companies are waking up to the dangers. High-profile cases like the Sony Pictures hack, and the Colonial Pipeline are rare but catastrophic even for large companies. More often, smaller companies fall to the tactics of scammers using ransomware to keep their computer systems hostage until receiving payment, often in bitcoin.
Internet of Things (IoT) devices are becoming more and more familiar as consumers adopt smart homes. IoT devices are constantly connected to the internet and are thus an unsuspecting target for hackers. Hackers can harass you or invade your privacy by hacking through the devices’ security, which is often lacking. It is important to prevent hackers from obtaining access & control of your devices.
IT Help Desks are becoming increasingly popular ways to provide staff with on-call IT support. When it comes to security, adding omnichannel support is a great way to ensure staff can contact IT professionals as soon as possible. ViiBE’s secure WebRTC-based web app works on any device installation free. Users can share screenshots or other documents in the knowledge management tool. Multiple calls from the same employee can be stored under a single ticket. ViiBE’s ticketing system allows tech support to find relevant info from past interactions quickly.
Every company locks its doors after business is done for the day. Cybersecurity best practices should be implemented in the same routine kind of way. Here are some pointers to get started and give your company the understanding to manage cybersecurity risks:
Cybersecurity is critical. Governments recognize the importance of continued delivery of critical infrastructure operations while companies are waking up to the risks of cyberattacks. Implementing cybersecurity frameworks is a great way to ensure your company is prepared. ViiBE can help connect your employees to IT experts in an instant. In customer-facing implementations, ViiBE’s secure WebRTC technology provides extra peace of mind.