Skip to footer
Passcode
Modern field guide to security and privacy

Executives understand the need for data security. Now what?

Business leaders understand the need to protect their digital assets. At South by Southwest Interactive, representatives from Dell and the National Cybersecurity Alliance offered data security tips to help them actually protect their businesses.

  • By Staff

| Austin, Tex.

After a barrage of high-profile hacks, most business leaders get it: Data security is critical not just to their reputation but to their business. But the top level executives still struggle to understand the next steps in protecting their businesses.

That’s the finding of a recent survey conducted by Dell of over 1,000 decision makers at top companies. More than three-quarters reported an increased level of conversation about cybersecurity within the C-suite.

For those concerned about data security but unsure what to do next, Brett Hansen, the executive director of Dell Data Security Solutions, and Michael Kaiser of the National Cybersecurity Alliance offered some practical action items at a talk at this year’s SXSW Interactive festival in Austin, Texas (watch full video).

The first recommendation: Set an example from the top and make security a visible priority. Take a cue from the construction industry, for example, where signs on the front doors of work sites tally the number of days since the last accident.

“You need to create that culture within the organization,” said Mr. Kaiser. “When the C-suite talks about cybersecurity, then everyone talks about cybersecurity.”

Other recommendations:

  • Inventory your data. Ask your team: What do we have, where is it, what is more important, and how will we protect it?
  • Create a culture where it’s okay to come forward and say “I think I clicked on a link I shouldn’t have.” Thank employees for self-reporting.
  • Teach employees about spear-phishing and other risks.
  • Purposefully create security issues – that are carefully contained — and offer prizes to employees who find them and report them.
  • Let people use the devices that allow them to be more productive — but do so only after thinking through how to manage your employees bringing their own devices, for example.
  • Put conditions on access to data. Like the old James Bond cliché, keep data on a “need to know basis.” And look into a new generation of tools that offer contextual access control, meaning an employee sitting at the office behind the firewall will have more access to files than when she is sitting at the airport on public wi-fi.
  • Adopt the five-part cybersecurity framework (pdf) from the National Institutes of Standards and Technology.

These considerations are just as important for small businesses, which represent a growing portion of cyberattack victims (for more on this, watch a second talk between Dell’s Hansen and NCSA’s Kaiser).

About video ads

A company’s conversation around data security cannot just be about technology, it must involve people and their behaviors, said Mr. Hansen, who works with business leaders to shore up their security posture.

“Ninety-five percent of breaches originate with us, the end users,” he said. “If you are not talking about people, and how they work, and how their work is evolving with mobility, cloud, and collaboration, you are not having a true cybersecurity conversation.”

These talks were part of a series of discussions hosted at Passcode's booth at SXSW. See all that Passcode, Dell, Mozilla, and the Center for Democracy and Technology were up to at SXSW and watch the other talks.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.
editor@csmonitor.com
Subscribe
Mark Sappenfield
Editor

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

Subscribe to insightful journalism

QR Code to Executives understand the need for data security. Now what?
Read this article in
https://www.csmonitor.com/World/Passcode/2016/0321/Executives-understand-the-need-for-data-security.-Now-what
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe