614-322-2222 or 877-770-8324

SMEs from the Ponemon Institute to the major cyber majority watch groups that the root cause of a data breach is from the Insider Threat.

Sep

20

SMEs from the Ponemon Institute to the major cyber majority watch groups that the root cause of a data breach is from the Insider Threat.

BTW September is National Insider Threat Awareness month. SMEs that train the Insider Threat tell us that we should begin by performing a companywide risk assessment that focuses on the people that come in contact with our data. We just did a NIST 108 control review using their v1.1 guideline in the last 16 hours over the weekend for a local organization. In the assessment, we find that many organizations send their data on purpose to the cloud (a data server) and they do not know where that is (geographically). As we continue, many times the accounting, intellectual property, and customer data is outside the borders of our country and the business does not maintain a local copy in the US. So, in their Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP), their business is dependent that these countries get along with the US. In the era of international friction and trade wars, that might not be the best plan. The other issue is that in some of these nations, the country’s government actively pursues to take US data. So, if your data is in their country, you can almost guarantee that it has been compromised locally. So, what should we do this month? Start with the NIST assessment and concentrate on the Insider Threat. Those are the people, technicians, and companies that come into contact with your data. After 2 days of identifying vulnerabilities, you can list all of them from high, to medium, to low impact on your business. Then start addressing them. After 90 days, you will be in better shape. If it is your first experience with NIST, do not worry, because slowly and surely, like with the DoD CMMC program, the NIST CSF will become the national standard for cybersecurity.

SMEs from the Ponemon Institute to the major cyber majority watch groups that the root cause of a data breach is from the Insider Threat. The inside threat to your data is those non-compliant employees, technicians, and third party vendors that you have agreed to letting them have access to your daily regularly. ISO and NIST certified TechR2 products and services expertly combat the Insider Threat.



  • Providing complete “Cradle to Grave” data eradication solutions, sound experience, industry best practices and resources to support you.


    Why risk it? Get started today! Call 614-322-2222


  • About An Industry Leader

    TechR2 is the only company in the industry that has earned a US patent for its Track-Contain-Destroy-Verify data security process, is OEM approved, upholds critical ISO certifications, and is recognized for compliance with GDPR, NIST and all governmental regulations concerning data destruction, including ISO 27001, ISO 14001, ISO 9001, and ISO 45001.