Active Cyber Defense (ACD)
Which Active Cyber Defense (ACD) or other measures do you think should be implemented by private firms to prepare for, and perhaps respond to, cyber intrusions? Please support your decision by providing a specific example from this module’s learning materials.
The use of computer-based tools and the internet for various purposes in business exposes organizations’ data to third parties that may use them to harm the organizations. Recent incidences of data breaches indicate that private businesses are at risk of cyber-attacks all the time. Thus, data security is a crucial undertaking for any company. One of the effective measures for private firms to prepare for and respond to cyber-intrusion is training employee’s insecurity principles and restricting data access.
Knowledge on cyber-attacks and outlining risk activities can help workers identify and respond to cybersecurity risks before it affects the operation of an organization’s data system. Thus, private firms should establish basic security practices and policies for workers, such as the need for strong passwords to stop intruders. The need to have appropriate internet use guidelines detailing penalties for employees who violate the internet security protocols for their firms is also critical. Training will allow employees to follow the regulations of handling data and customers to prevent accidental sharing of sensitive information that can result in data breach. Workers should be made to understand the importance of protecting customer information. Privacy of information, especially concerning employees, is a legal mandate of all organizations, resulting in costly litigations.
Private organizations should limit the number of employees accessing data and crucial information of the organization. Workers should have access to specific data system that only allows them to execute assigned duties. Besides, they should not install any software without permission of the data protection unit. Data breach is unlikely to occur when data access is restricted only to those who need to use it.