The cyberthreat landscape grows every day, and to stay secure, companies need to build strong cybersecurity strategies internally, according to Anthony Grieco, senior director and trust strategy officer at Cisco’s Security and Trust Organization. “Over the next 12 to 18 months, we are really seeing a trend that lends toward the destruction and disruption of services as a primary goal of the attacker,” he said.

In an interview with TechRepublic’s Dan Patterson, Grieco explained that companies should focus on two cybersecurity fundamentals: Know what’s going on, and know the simple actions they can take to facilitate better cybersecurity in their environment.

Grieco also discussed how companies can take simple steps that create a big impact when it comes to improving security within their organization. To begin, employees must be aware of their role in helping companies take these steps.

SEE: Infographic: Almost half of companies say cybersecurity readiness has improved in the past year (Tech Pro Research)

“When we think about awareness, campaigns to create awareness across organizations are critically important,” he said.

Here are the four steps Grieco recommends for improving cybersecurity:

  1. Create a resilient backup strategy. With destructive attacks rising, companies must ensure they have a plan in place to keep operations running if faced with an attack.
  2. Patch systems and keep software up to date. Not only do laptops and servers need to be patched and updated, but phone, tablets and network infrastructures do as well.
  3. Take care with clicking. Employees need to give links found in emails a second consideration before opening.
  4. Block access to known bad activities. Block what you can with DNS protection mechanisms.

With the growth of Internet of Things (IoT) devices, companies are going to need think about security differently, he said. However, many threats are abstract, or are designed to take place in the future, which make them difficult to defend.

“We need to make sure that we are thinking about the network as the place to provide visibility, policy, and control to all those things that are coming online,” Grieco said. Everyone also needs to play a role in helping ensure the devices that vendors bring into the company network are secure.

SEE: Research: Defenses, response plans, and greatest concerns about cybersecurity in an IoT and mobile world (Tech Pro Research)

Customers should also be asking how companies develop their software and hardware, and how they think about security as a part of their process before making a purchase, Grieco said.

See Also: