Protecting the company is much more than installing the latest firewall or virus scanner, because people are both a key risk and the key asset in reducing overall cyber risk.
In this paper we discuss six key practices – that both address recently exposed weaknesses as well as fundamental changes beyond – that leading companies are now taking to improve their cyber defenses:
1. Move beyond a castle-defense model
2. Harden your data assets
3. Migrate from APIs to secure APIs
4. Don’t just secure, verify
5. Make security a primary design requirement
6. Upgrade your cyber risk culture and accountability structure