Three golden rules on cybersecurity
Vulnerabilities, risk assessment and new normality
Fortinet – actively committed to protect public and private actors from external threats, counting more than 330.000 clients all over the world – has recently released a new report on cybersecurity. The study put in evidence how 79% of companies has had serious cyber-attacks, such as the American Equifax exposing the personal information of more than 145 million consumers. This data does not only concern companies but also private citizens who face cyber threats everyday.
Filippo Monticelli, Fortinet country manager for Italy, has recently pointed out two main trends concerning the security sector. The first one includes the need for IT teams to keep up with digital transformations, such as the use of multi-cloud systems, IoT devices and new IT services. The second trend Mr. Monticelli stressed is the growing number of cyber-attacks against which only a good cyber hygiene can be considered as an effective tool and a best practice.
Given this complicated situation, three golden rules can be applied to improve cyber security. First, giving priority to vulnerabilities: it is essential to know your weaknesses in order to work on them and be provided with the adequate tools to be protected. Second, conducting a risk assessment: according to the Information Systems Audit and Control Association (ISACA), the goal of the assessment is to explore the environment in which the activities take place and then conducting an analysis of the risks by assessing the data and information gathered. Information needs to be collected both through physical goods (such as infrastructures) and IT ones (such as firewall and anti-intruder systems).
Lastly, it is important to contrast the new normality. Given the growing number of attacks, it goes without saying that both private and public actors need to update their cyber hygiene conditions, enhancing it to a satisfactory level able to grant the protection and effectiveness of the system.