5 ways TMT companies can protect their data
Cybersecurity tips for the middle market tech company
INSIGHT ARTICLE |
Cyberthreats continue to loom over companies and organizations. Snatching private data is big business for criminal elements that use it for ransomware schemes or sell it on the black market.
Technology, media and telecommunication (TMT) businesses are especially enticing to cyberattackers given their large collections of consumer and enterprise data and their treasure trove of intellectual property (IP) information. In addition, most middle market TMT companies find it challenging to address threats due to limited cyber resources and strained infrastructures that inadequately protect their prized data assets. Because of this, it becomes critical for businesses to focus on business risk and the next best-dollar-spent on cybersecurity resources. Unfortunately, many TMT companies have trouble finding resources that can fill all roles needed to sustain an entire program. Most organizations are already behind on capital expense cybersecurity spend. As a result, there can be a gap between what should be spent on cybersecurity and what is being spent; a realignment of the overall budget is often necessary.
According to the RSM US Middle Market Business Index (MMBI) Cybersecurity Special Report, 15% of middle market executives indicated that their companies experienced a data breach in the last year, up from 13% in 2018 and a significant jump from 5% just four years ago. Additionally, more than half of respondents believe that an attempt to illegally access their company’s data or systems is likely this year. While large TMT companies such as Yahoo and Equifax might get the attention and cyberattack headlines, middle market businesses are feeling the cyberthreat target on their backs as well.
In addition to combatting the increasing number of cyberthreats, businesses, including TMT companies, are also challenged with addressing a surge of regulatory compliance as a growing number of countries and states are beginning to enact cybersecurity legislation to improve data protection. For instance, many businesses are required to comply with the European Union’s General Data Protection Regulation (GDPR) as well as U.S. legislation like the California Consumer Protection Act (CCPA), slated to take effect in 2020. However, companies have been slow to develop compliancy processes. According to the cyber report, only 40% of respondents were familiar with the requirements of GDPR or other privacy regulations such as CCPA and the Health Insurance Portability and Accountability Act.
What should TMT businesses do?
To address this increasing cyberthreat environment, it’s important for TMT companies to adopt a variety of measures to fortify the perimeter of their businesses while also strengthening internal processes and systems. While cyberthreat resources might be strapped, there are a variety of basic blocking and tackling efforts that can be done to strengthen data security. Note the following five tips:
1. Assess your data
Three questions: Where’s your data? Who has access to it? What protections do you have in place? Identifying your key data sets and establishing the location of this information is critical to protecting your information security. It seems fundamental, but given the quick growth of TMT companies, added acquisitions, and new employees and accounts, data placement can get murky and access to this key information gets unwieldy. Assess your data, determining type and location, and have a rigorous policy in place regarding access, and then monitor that access. You should have systems and policies in place to address overall risks.
2. Consider cyber insurance
To combat cybercrime repercussions, cyber insurance has become an effective solution. According to the Cybersecurity Special Report, more than half of middle market executives surveyed carry cyber insurance to mitigate risk. However, while the usage of cyber insurance is gaining momentum, many executives do not have a full understanding of their coverage. In fact, the survey reveals that 41% of the companies that carry policies are somewhat familiar or not at all familiar with their coverage levels. Companies must understand their policies to ensure exposures are addressed. Periodic evaluation of the insurance policy is also needed to account for evolving risks.
3. Train your people
When we work with our RSM clients on their cybersecurity vulnerability, we frequently conduct penetration testing, which includes social engineering, to understand where immediate exposures might occur. When we do this, the majority of the time we uncover weak passwords that are easy to crack. We also can show that social engineering efforts can be effective at tricking users into clicking on links. Much of this careless user behavior can be addressed via improved user training and oversight where unacceptable practices are challenged and appropriate behaviors are incentivized. We’ve seen up to an 80% increase in the resilience of an organization when proper user training and management are put in place within a company.
4. Move to the cloud
As TMT companies grow, they can lose control of their data and fail to understanding how much information they have and where it resides. In response, businesses can move their data to the cloud for increased efficiency and access, but also greater security. Cloud vendors’ economy of scale enables them to implement more extensive security measures and controls that are not typically realistic for some middle market companies. According to the Cybersecurity Special Report, a little over a third of respondents have moved data to the cloud as a result of security concerns in the last 12 months. However, before moving to a cloud solution, it’s important to have a good understanding of the type of data being stored and accessed. This will help determine the level of security needed by the cloud provider. Keep in mind, as your company moves to the cloud, controls that were previously required to protect environments will not be as effective. It’s critical to develop a cloud security architecture that segments the infrastructure to limit the impact if a breach occurs and also places restrictions on who has access to particular segments. This helps control possible entry points by unwanted intruders.
5. Plan to respond
When a breach occurs, it’s not a good time to blow the dust off your neglected, outdated incident response plan (IRP) and attempt to figure out what to do next. The IRP should be a living, evolving strategy and your plan rehearsal should be conducted every six months, if possible. Roles and responsibilities should be concisely spelled out, and action steps must be comprehensive. Evaluate the process and revise the plan as needed.
For more on this topic, check out the following content or contact us.
Join the NACD and RSM to understand how your board and organization can benefit from changing technology like the power of cloud computing.
Employing the proper internal controls can limit the financial and reputational damage that a company exposed to a cyberattack may face.
Many U.S. companies have taken a wait and see attitude toward the GDPR, but recent enforcement actions confirm the urgency for compliance.
RSM provides insight into the growing threat of cyberattacks to organizations and how to manage such attacks. Learn more.