Select Page

Cybersecurity – Concern vs Action

Author: David Ruel, Sr. Product Manager

Cybersecurity concerns

Cybersecurity experts are on high alert. But, as Marketplace Tech asks in a recent report, why isn’t everyone else? There seems to be a genuine disconnect between the cybersecurity experts, IT staff and the general public. Is it that the general public has just given up after reading through all the stories about hacking, ransomware reports and cyber threats? Maybe the overload of Cookie and Privacy statements has finally reached the threshold of enough being enough?

From a public’s prospective, there is only so much you can do, right? Protect yourself and your family as much as possible by using the tools provided to you like encryption, two factor authentication, and others. But, that begs the question. What about the companies out there who you work for or interact with? How should they be dealing with private and sensitive data?

It’s true, the frightening headlines are everywhere—cyberattacks on electrical systems in Los Angeles and Salt Lake City, the exposure of more than 2.3 billion sensitive files from poorly secured cloud servers, a ransomware attack on the City of Baltimore—and yet many companies, governments or organizations remain unprepared for such situations. What Heureka knows is that computers and file shares continue to overflow with critical and sensitive data such as national identification numbers, credit card information and corporate intellectual property. Statistics have shown that this data is growing at over 60% per year!

Marketplace Tech host Molly Wood asked Nicole Perlroth, who covers cybersecurity for the New York Times, how exposed we are:

Basically, [hackers] could easily be neutralized if everyone was really good at patching their systems and upgrading software. Unfortunately, we have a lot of old software sitting out there that certain infrastructure, management providers and IT overseers don’t even know really what’s on their systems.

-Nicole Perlroth, cybersecurity reporter for the New York Times.

Understand your data

One of Heureka’s core missions is to help our clients gain control over their data. We do this by shining a light on the traditional dark data that exists in almost every corporate environment. Heureka works where your employees work, on desktops, laptops and file shares. In order to gain control of data, you must understand the data content itself and this is where Heureka excels.

Heureka has automated the process of deep data knowledge by providing tools to help proactively mitigate risk on data content and ROT (data that is redundant, obsolete or trivial). Heureka quantifies risk exposure and increases business resiliency by helping locate and eliminate data with not business, legal or regulatory value.

Gain control of your data

If a company truly wants to help reduce their cyber attack surface, they must investigate two things: what type of risk do I have and where is it at? Heureka rapidly answers both these questions. More often than not our software identifies corporate risk in less than 24 hours and provides the precise locations of risk along with a tool set to help our clients begin to clean up their risk and control their data. Data inventory is also a critical component giving users a full understanding of the information on each desktop, laptop or file share.

Eliminate what you don’t need

As mentioned above, redundant, obsolete and trivial information can be one of the biggest headaches a corporation has to deal with. Storing endless amounts of data swallows not only time and resources but actually removes money from important budgets such as cybersecurity, IT or GRC (governance, risk, compliance). Many of Heureka’s clients use our system to immediately detect and eliminate files that have no value or that may fall outside a normal retention policy.

Monitor and maintain

Controlling your data is an ongoing job. Elimination of ROT and remediating risk is important but the job should never be considered complete. Many Heureka clients schedule automated, continuous risk evaluations and then centrally collect, delete or quarantine files that venture into places they should not be. This continuous monitoring of risk data should be considered as important as keeping software patches up to data or monitoring cyber threats in an environment.

Conclusion

At the end of the day, a data breach or ransomware may still occur. What is really important is having a deep knowledge of the type and location of data so that you can minimize the overall impact should a cyber event happen. Hackers cannot steal what is no longer there or what they do not have access to. If a system is encrypted via ransomware, wouldn’t it be great to know what was on that system in order to make a better judgement call on paying for decryption?

Heureka for cybersecurity

While cybersecurity is daunting, Heureka is a trusted tool organizations need to start with. Our ability to discover risky data, create data inventory reports and eliminate ROT across the unstructured data world runs in conjunction with cyber tools, ultimately preparing your organization for whatever’s ahead.