United States

Executive summary: Cybersecurity and data breach preparedness

WHITE PAPER

Download executive summary

As hackers become more advanced, organizations must increase their focus on cybersecurity to protect sensitive data and systems. No organization, regardless of size or industry, is immune to cyberattacks, and just one breach could cause significant financial, reputational or regulatory consequences. However, an effective control environment can reduce the likelihood of a breach, enhance incident detection and response, and accelerate recovery efforts to limit damage.

While many organizations think they may not have the type of data hackers seek, the reality is all information has value. Implementing the right security controls can help deter hackers, but the three distinct disciples each require their own focus.

Preventive controls keep incidents from occurring and deter unauthorized access. Preventive controls seek to secure the perimeter, but with technology such as the cloud and remote access, organizations must expand controls beyond traditional boundaries.

Detective controls help to monitor and alert the organization of malicious and unauthorized activity. Infiltration is typically the focus of detective controls; however, these controls can be implemented at any stage in the attack life cycle to increase data security.

Corrective controls are designed to limit the scope of an incident and mitigate unauthorized activity. Many organizations view corrective controls as solely technical, but they can also be physical, procedural, legal or regulatory in nature.

There is no one-size-fits-all approach to applying security controls. However, implementing the right strategy can make an organization more difficult for hackers to exploit and limit potential damage.

AUTHORS


How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.


Rapid Assessment®

Complete our Rapid Assessment form to be contacted about receiving our "quick-hit" diagnostic of your critical areas of operations.

LEARN MORE



Events/Webcasts

LIVE WEBCAST

AML and regulatory compliance webcast series—Fall 2016

  • December 15, 2016

LIVE WEBCAST

PCI DSS 3.2—What’s next?

  • December 08, 2016

IN-PERSON EVENT

RSM Raleigh Technology Conference

  • October 26, 2016

IN-PERSON EVENT

Emerging risks seminar: 2016 cybersecurity executive forum

  • October 11, 2016

IN-PERSON EVENT

RSM’s 40th Annual National Credit Union Conference

  • October 06, 2016