Earlier this month, we saw a video from a well-known ethical hacker sharing 5 tips for keeping yourself safe online. Ethical hackers are cyber security experts who are hired to use their hacking abilities to identify vulnerabilities for companies (instead of exploiting those vulnerabilities for their own ends).
We dug into some key lessons ethical hackers have noted for businesses, and here’s what we found:
3 Key Lessons from Ethical Hackers
Security is a journey, not a destination
The only constant in technology is change, so you’re never really ‘done’ with cybersecurity. It is an ongoing process that requires security updates, constant vigilance against vulnerabilities and insecurities, patching and learning, and sharing the lessons (with your team and the wider industry), on repeat.
By embracing this “journey” perspective, companies can approach security with the necessary resilience and adaptability, transforming it from a daunting task into a continuous process of learning, improvement, and ultimately, increased safety.
Consider scripts to bolster your policies
Even in the AI-age, humans remain your most valuable resource. But they’re also fallible, particularly when it comes to cybersecurity, as this video shows:
The story the woman tells is compelling. It’s easy to see why the person on the other end of that call gave her account access. It’s also easy to see how simple it is to fake an emotional story.
Providing scripts to your team members who may need to say no to external parties looking to access or update account details without following the documented process, makes it easier for them to know what to say. The better prepared your team is for these situations, the less likely they are to stumble for a response (and possibly choose a dangerous path).
Security is everyone’s responsibility
Unfortunately, security can’t be siloed – it is everyone’s responsibility.
And since you are tasking everyone in your company with keeping your data, networks, and systems safe, you should empower everyone, from developers to marketing interns, with basic security awareness training and clear protocols.
Remember, a security breach can trigger legal repercussions, regulatory fines, and damage to consumer and investor confidence. By fostering a culture of security responsibility, you’re proactively mitigating these risks. Plus: imagine the cost savings and brand protection gained if an employee flags a suspicious email instead of clicking on it!
If you need assistance developing your company’s privacy and security program, reach out. Our attorneys would love to work with you.
Disclaimer
The materials available at this website are for informational purposes only and not for the purpose of providing legal advice. You should contact your attorney to obtain advice with respect to any particular issue or problem. Use of and access to this website or any of the e-mail links contained within the site do not create an attorney-client relationship between CGL and the user or browser. The opinions expressed at or through this site are the opinions of the individual author and may not reflect the opinions of the firm or any individual attorney.
