On Tuesday, October 17th, I was invited to appear on 580 WCHS’s Ask the Expert show to talk to their audience about cybersecurity. I took the opportunity to bring along our Director of Information Security Services, Rob Dixon. Rob has nearly 20 years of industry experience in information security, with a strong background in security operations, applied threat intelligence, policy development, operational procedure development, incident management, malware research, network defense architectures, network penetration testing, intrusion prevention technologies, endpoint protection and analysis and counterintelligence control operations.
After I introduced Rob, we started talking about the key areas that needs to be addressed in an Information Security Plan. Many executives don’t know where to start when addressing cybersecurity so, through the course of the podcast, we give a clear path to follow, involving five key areas.
You can hear the entire show below or get it directly from SoundCloud.
Fundamentally, cybersecurity is about developing a professional, focused and thorough Information Security Plan. When developing the Plan, or having it developed for you, there are five areas to cover:
- Policy and Procedures – This defines how your technology is to be used and the mechanisms that will be put into place to realize that use.
- Threat Management – Manage network traffic to prevent unwanted data, such as viruses and malware, from entering and stop protected data, such as passwords and identity data, from leaving.
- Endpoint Protection – Prevent users from inadvertently or maliciously violating security policy.
- Security Event Monitoring – Use people and processes to evaluate network events and identify threats.
- Security Awareness Training – Continuously educate users on new threats and how to protect themselves.