Tips to Guard Against Hacks and Attacks

I attended the 2013 InnoTech San Antonio Technology Innovation Conference & Expo on April 17th.  InnoTech is the region’s largest business-to-business technology event.

This conference has grown to the point of needing to move to the Henry B. Gonzalez Convention Center.

Along with the tracks offered in Mobility, Women in Tech, Infrastructure, Big Data with Analytics and IT Leadership, I participated in the Cyber Security Symposium.  I moderated a panel of experts on Security – It’s All About Perspective.  The panel had representation from corporate leaders, consultants and higher education.  The panel members were Mark Krisak, Director of Information Security, HEB; Chip Meadows, Sr. Security Analyst, UTSA; Joe Oranday, Vice President, Enterprise Information Security, Frost; Steve Werby, President and Senior Information Security Consultant, Befriend.

We had a lively discussion with the audience of around 100 people.  Even though we discussed technology and some of the newer techniques to deal with hacks and attacks, the takeaway from the gathered experience on the panel was to focus on the basics.  When the panelists were asked what the one best thing was that an organization can do to protect itself, the answers were:

  • Keep your patches current
  • Focus on user security awareness training
  • Deliver metrics on your program to track progress and get support
  • Work with your users

These solutions are not new and do not require deep technical knowledge.  I think we can all learn a lot from these experts.

I will be presenting a session on Hacktivism at the 2013 ETA Annual Meeting & Expo on April 30th through May 2nd in New Orleans, LA.  I hope to see you there.

Jeff Reich, Layered Tech Chief Risk OfficerAbout the Author: As Chief Risk Officer at Layered Tech, Jeff Reich (@LayeredTechCRO+Jeff Reich) drives the company’s security and compliance services and guides risk mitigation efforts for clients. With more than 30 years of experience, Reich is a well-known risk management and security expert in the industry. He holds CRISC, CISSP and CHS-III certifications and is an ISSA Distinguished Fellow.


Comments are currently closed.