Cybersecurity is the art of protecting humans, networks, devices, and sensitive data from inappropriate access or criminal use. This practice also balances confidentiality, integrity, and availability of information to achieve this goal. Most industries now rely on computer systems services and the Internet to help deliver products or services to their customer base. Personal information is often stored on a personal device or on a company’s system. That is why it is important for organizations to protect the information while it is traversing and stored on their network.
Chances are that at some point you have heard of a data breach, either directly or as the result of your personal information being held by a compromised institution. Every year, the number of breach victims is higher than the last. Because of this, every major U.S. organization—be it a corporation, non-profit, or government institution—begins the new year assuming it could potentially be under threat. In 2020, the FBI reported a 300% increase in the number of cybercrimes, from about 1,000 cases to between 3,000 and 4,000 cases each day. Research shared by the Identity Theft Resource Center (ITRC) showed that the total number of data breaches in the U.S. exceeded the previous year by 68% in 2021. That equals 1,862 events, compared to 1,108 events in 2020. And according to the Verizon 2021 Data Breach Investigations Report (DBIR), there were 5,258 confirmed data breaches worldwide, across 16 different industries.
Today there is a greater demand for businesses to provide safe and secure digital frameworks that recognize cybersecurity as not only a technology problem but a business problem as well. According to a 2021 Harvard Business Review article, more companies are realizing that security is not just a technology issue. It is a problem for the business and even the board of directors. Cybercrime will cost businesses $10.5 trillion (about $32,000 per person in the US) globally annually by 2025.
Despite all the attention given to cybersecurity, there is no single turnkey solution to eradicate the general threat. Cast & Crew CISO Mike Story said it best: “Cybersecurity requires accountability and honesty — no single person in an organization can ensure complete digital safety on their own. It must be built into the core foundation of all facets of business and technology.”
Here are core tenants to help companies build a strong cybersecurity program to shield themselves from cyberthreats.
Nine Core Tenants of a Strong Cybersecurity Program:
- Identify and mitigate both internal and third-party cybersecurity risks.
- Implement security controls to protect company assets from unauthorized access.
- Perform vulnerability scanning and penetration testing and remediate findings.
- Implement a Defense in Depth cybersecurity strategy utilizing state-of-the-art security controls, technologies, and encryption to protect sensitive information.
- Maintain a strong network perimeter.
- Establish and enforce cybersecurity policies and procedures to ensure that security controls are properly implemented and maintained.
- Identify and respond to all potential cybersecurity incidents.
- Ensure cybersecurity awareness is a priority by investing in employee cybersecurity awareness and training.
- Implement and encourage a culture of cybersecurity awareness, where security is everyone's job.
At Cast & Crew, security is a core value, and we take the concept very seriously. We understand that we handle important personal and financial information. We consider it our duty to secure our systems and equip our employees with the comprehensive security tools they need to handle the high daily flow of sensitive information. As security breaches continue to make global headlines, we have become even more vigilant, underlining the importance of taking increasingly stronger measures to protect employee and customer data.
Editor’s Note: This article was originally published on December 1, 2017, and was updated on April 20, 2022, to reflect new statistics and updates to how Cast & Crew continues to prioritize cybersecurity in our organization.