The December 2017 Verizon Data Breach Digest focused on the use of cloud services and is worth a read. The Digest identified key issues that you should be aware of:

  • Location of Systems and Data – If you need to access your cloud assets do you know where it is? Know that there are different rules governing cyber facilities in different jurisdictions which may, or may not, be a concern.
  • Physical Access – If you need access to your data and services will it be allowed and facilitated?
  • Forensic access storage – Will you be able, when a breach occurs, to examine data and systems to determine extent and remediation?
  • Reliance on written agreements – How comfortable are you that the written agreement you have with your cloud provider(s) will be honored?

In order to improve prevention and mitigation of incidents you should:

  • Know where you data is located
  • Use a seasoned service provider
  • Authenticate using multiple factors
  • Limit access to critical assets
  • Use log data and make it useful

Should you suffer an incident consider the following actions:

  • Use incident response playbooks
  • Change administrative passwords immediately
  • Get to data quickly
  • Be flexible with data collection options.

If you would like to know more the full digest can be downloaded here.

Another option is to join the online Cyber Exposure Management Course Series.

Here are the options:

Option 1. Understanding Cyber Exposure - For Beginners

Option 2. Advanced Cyber Exposure Management

– Part 1 - Identifying Cyber Exposures 

– Part 2 – Cyber Exposure Program Management

Option 3. A Bundle of all 3 courses - 35% off the original price

(most cost effective option)

Votes: 0
E-mail me when people leave their comments –

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!