How Large Companies Tackle Cyber-Security

 
 
By Karen A. Frenkel  |  Posted 09-22-2017 Email
 
 
 
 
 
 
 
 
 
  • Previous
    How Large Companies Tackle Cyber-Security
    Next

    How Large Companies Tackle Cyber-Security

    Most large companies have cyber-security policies in place and focus on informing and training employees on security issues rather than enforcing policies.
  • Previous
    Ubiquitous Cyber-Security Policies
    Next

    Ubiquitous Cyber-Security Policies

    94% of large American businesses have a cyber-security policy in place. Of these, 87% created the policy at least three years ago.
  • Previous
    Elements of a Cyber-Security Policy
    Next

    Elements of a Cyber-Security Policy

    Required security software: 84%, How to back up data: 81%, How to detect scams: 79%, How to report security incidents: 78%, Requirements for regularly updating computers: 75%
  • Previous
    Communication and Compliance
    Next

    Communication and Compliance

    Communicate policies clearly to all employees: 85%, Monitor policy compliance: 79%, Train employees to follow policies: 77%, Enforce consequences for not following policies: 66%
  • Previous
    Addressing the Threat Landscape
    Next

    Addressing the Threat Landscape

    Companies that focus on communication, compliance and training are addressing the evolving cyber-security threat and the internal risk employees pose.
  • Previous
    Evolving Cyber-Threats
    Next

    Evolving Cyber-Threats

    Cyber-threats evolve with the introduction of new technologies, so the most effective way to combat perennial cyber-threats is to continually update and effectively communicate policies.
  • Previous
    Employees Are a Security Liability
    Next

    Employees Are a Security Liability

    Employees are a major security threat to every company. Their use of personal mobile devices and remote work are just two factors that put their company at risk.
  • Previous
    The Threat of Remote Work
    Next

    The Threat of Remote Work

    89% of the companies surveyed allow employees to work remotely, and 74% also allow them to use personal devices for work.
  • Previous
    Gamifying Policy Compliance
    Next

    Gamifying Policy Compliance

    To promote employees' understanding of a company's cyber-security policy, consider making a game based on testing how well employees follow that policy. For example, send out a phony phishing scam email and see how many employees comply with company policy.
  • Previous
    Balance Enforcement With Concerns
    Next

    Balance Enforcement With Concerns

    Companies should balance employee concerns with enforcing the consequences of violating cyber-security policies. 47% of respondents said their company's cyber-security policy is strict, but 52% characterized it as moderate.
  • Previous
    Resenting
    Next

    Resenting "Big Brother"

    A company's security policy must have teeth, but employees' morale can suffer if they feel watched, so strike a balance that enables employees to do their job safely without fearing company oversight.
  • Previous
    Benefits of Cyber-Security Investments
    Next

    Benefits of Cyber-Security Investments

    Protection from external threats: 35%, Fewer internal activities that put the company at risk: 26%, Compliance with industry, federal or international regulations: 21%, Peace of mind, preparedness if there is a cyber-security incident: 16%, Other: 2%
 

Large companies grapple with employees' disdain for strict cyber-security policy enforcement and invest in communicating and training personnel rather than strictly enforcing their policies, according to a new survey, "How Large Businesses Approach Cyber-Security in 2017," from market researcher Clutch. Of particular interest is a debate over the impact of phishing attacks, experienced by 57 percent of the respondents, compared to ransomware, reported by only 21 percent. "While large-scale ransomware attacks apparently affect few large U.S. businesses, these attacks motivate companies to strengthen their defense against cyber-threats, according to industry experts," the report said. Ransomware attacks are "eye-opening," for companies of all sizes, but particularly for larger ones, said CIO Tom DeSot of Digital Defense. But FRSecure CEO Evan Francen said that despite the publicity, disproportionate resources will not be devoted to ransomware instead of more common types of attacks. The report surveyed 304 IT decision-makers at companies with 500 or more employees.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register