Setting New Year’s Resolutions is great, but when it comes to cybersecurity, you can’t set new goals once a year. Why? Because new threats seemingly appear daily, regulations get updated, and new trends emerge.
As the days tick by and we officially begin summer, business owners and Chief Information Officers at companies around the country are taking stock of the first two quarters of 2016 and the end of the fiscal year.
What went well? What do you think can be improved?
At ZZ Servers, where we interact with companies of all sizes, we’ve taken notes of our own and shared the top trends we noted so far in 2016. Use these. Share these. And most of all set some mid-calendar year resolutions for your company.
TREND 1: Companies are looking for solutions to problems, not just products.
More times than not, companies come to ZZ Servers after they experience something painful in their business and with their networks.
But it’s not specific products they’re after. It’s solutions.
By far, the biggest challenge-solution we see is companies needing to maintain PCI Compliance. It’s the number one thing that anybody who sells anything online (meaning they accept credit cards) needs to be aware of from a cybersecurity standpoint.
The compliance requirements are daunting, challenging, and abstract at best – all of which can be very demanding of time and money.
Just one of many compliance mandates that requires companies to perform continuous log monitoring and review. That one task could be a full-time job. A small company selling things online probably can’t afford an IT person to do anything but review logs all day.
At ZZ Servers, we have streamlined log monitoring and review tasks. We’ve built the tools to review a certified PCI-compliant process (we have third-party auditors review our processes to PCI Service Provider Level 1 annually). Our product offers a solution that is more cost-effective than performing it in-house.
Companies are seeking more solutions like that.
TREND 2: CEOs are looking for people they can trust.
How many times have you read a headline about a big company getting hacked and having to pay out millions in settlements or fees?
Chances are, it’s been a lot.
Many cybersecurity companies out there – and more and more are popping up as they see the vast market created by hackers – are talking about these stats and nothing else. They’re breeding fear instead of trust.
While hackers are something to be aware of, education is needed.
With education comes trust.
One of the challenges that larger companies face as the threats become more real is that cybersecurity wasn’t something they were spending money on before. Today, CEOs are being told to double their budget on compliance.
Unless they have someone they trust to tell them why or how to allocate that budget, they aren’t going to spend that money.
As a result, executives are looking for trusted companies to educate them on what to do and how to best do it.
How can companies figure out if they can trust a firm?
We’re telling executives to ask potential cybersecurity firms the following:
- How do you respond to incidents?
- How fast do you respond to a data breach?
- Are you available 24 hours a day?
- Do you correlate incidents between systems?
- Do you have a big picture of the environment to see historical and statistical data?
- What are you doing to stay updated on the latest trends in cybersecurity and the latest updates?
- Are you doing detailed background checks on your staff?
- How does your staff receive continuing education?
- What types of compliance and certifications (third-party validations) do you have in place?
TREND 3: Everyone wants to move to cloud-based services.
There’s no doubt companies are moving more to cloud-based services. But they don’t always know what that means or the implications to business data security.
The term itself is often misused. The “cloud” is very convoluted and means many different things to many different people.
At ZZ Servers, we see the cloud as a method of abstraction – it extracts the end user from the computing process.
Think about it this way. Before, if you wanted to get money out of your bank, you had to go to the bank and prove you were who you said you were before you could get your money.
With the cloud, and a banking app, customers don’t care about where the servers are or how they work. They care that you can access your account.
For the business executives wanting a cloud solution, these are the things ZZ Servers is starting to talk them through.
When customers tell us they need a compliant cloud solution, we ask them what they mean. We get them to stop using the word cloud to describe what they need to create and rather explain the solution they want to deliver.
TREND 4: Cybersecurity extends to third-party vendors.
Look back on the Target breach. If you read the after-action reports, you’ll note that a third-party vendor of Target created the weakness that allowed the hackers to get in.
As we move into the latter part of 2016 and the start of a new fiscal year, business owners who have already ensured they are compliant are looking to their third-party vendors to ensure there are no weak links.
TREND 5: There’s always a new trend.
There’s always a new trend in cybersecurity. A business with trusted cyber advisors can count on them to keep them up to date, but executives should also work to educate themselves.
Stay tuned to the latest from mass media outlets, like ZZ Servers’ blog and news page, and Forbes, who track and report the latest in business terms.
As always, call ZZ Servers with any questions.