Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyse the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.

No cookies to display.

Boards of Directors are focused more on Cyber Security Incidents

Share Your Thoughts: Facebooktwitterlinkedin

Boards of Directors are focused more on Cyber Security Incidents

Ken Mercer, Firestorm Principal, and Jack Healey, CPA/CFF, CFE teamed together to present key facts and recommendations to prevent your organization from falling victim to a cyber security crisis.

 

  • It’s estimated that 65% of all organizations have experienced a Cyber Incident in 2016.
  • The number of stolen records are approaching a trillion records.
  • The average incident goes undetected for 214 days.cyber attack
  • The Internet of Things (IoT) represents a new dynamic to the problem.
  • Yahoo reduced its sales price by $350 million due to poor breach response.
  • The FBI estimates $1 billion in losses incurred in 2016 due to ransomware.
  • While most focus on Cybersecurity, the evolving issue will be privacy rights.

What steps can you take to improve your security posture, and reduce your risk of a cybersecurity incident?

1. Develop a Cybersecurity plan using a recognized protocol such as the National Institute of Science and Technology (NIST) framework. This framework is available for large and small companies.

2. Practice good Cybersecurity hygiene:

  • Install and update Firewalls and Anti-Virus software.
  • Adopt complex passwords and two factor authentication. Complex password software is very affordable.
  • Update all software and apps – if you don’t use them – delete them!
  • Install Encryption software on all devices especially laptops, tablets and mobile phones. Again, this is very affordable.
  • Segregate and back up data frequently – at least daily in an ‘off line’ environment.
  • Keep only data you need, and encrypt it when not in use. Discard all old and unused data, and remember to shred paper data.
  • Restrict access to data to only those required to have access.
  • Restrict ‘administrative rights’ to only those required and qualified to use (hint: not usually the CEO). Train your associates on ‘phishing’ and business email compromise frauds so they don’t become victim.

Related: Download the Paper: Cyber Crisis 2017 – The Heavyweights Weigh In

3. Include your outside experts: legal, risk (insurance), forensics, communication, compliance, and Firestorm breach coach in your Cyber Incident Response Plan.  Test the plan, your first cyber attach is a bad time to practice your response with the plan for the first time.

4. All experts agree that almost all companies have been hacked; being prepared is more important than believing you can stop it.

A Cybersecurity Response Plan should be part of your overall Enterprise Risk Management plan.  New laws in numerous states and the European Union regarding the privacy rights associated with data now make the penalties for losing that data extraordinarily high.

Firestorm leadership, as experts in vulnerability analysis, risk mitigation, planning and crisis management, supports management and organizations before, during and after a cybersecurity crisis. How you answer the questions “What should we do now?” and “What should we say now?” can have far reaching implications for an organization.

Do not hesitate to reach out to the Firestorm team to help kickstart, or update your cybersecurity plan. We’re here to help.


About the Authors

web ready Jack Healey-2 by Marchet ButlerJack P. Healey, CPA/CFF, CFE

Mr. Healey is an expert in operational, financial and organizational governance strategies and tactics. He has focused on those elements of business operations which increase cost, drive inefficiencies and reduce the effectiveness of an organization’s performance. He now instructs business executives how to eliminate these ‘financial mud holes’ in their organizations.

Mr. Healey’s unique background as a trained negotiator, a COO/CFO and Corporate Secretary of a public company (coupled with a successful career as an audit and forensic partner and fraud fighter in a public accounting firm) brings a unique perspective to address the financial, governance and human elements which impact a business.

He has developed the Business Crisis Predictive Diagnostic Model™ which identifies the hidden crisis-risks imbedded in businesses before they become a crisis. He has used this model to successfully identify process and functional deficiencies. If left unaddressed, these would significantly impact the people, profitability or reputation of an organization. Learn more about Jack.


Crisis Management Ken Mercer

Ken Mercer

Ken is a graduate of West Virginia University with a degree in pharmacy.  He brings significant experience to Health Industry businesses with a focus on Hospitals and Senior Care Centers.  He has managed retail, nursing home, and hospital pharmacies and has owned a successful business during his twenty-nine year career.

Ken’s extensive operations management and lean principals experience provides our customers with a global business perspective with a clear and profound connection to the impact on human well-being and safety.

The proud father of three successful children, lives in Baltimore, and enjoys scuba diving, sailing, and playing guitar. Learn more about Ken.

 

Share Your Thoughts: Facebooktwitterlinkedin