Telstra lives by ‘five knows of cyber security’ when it comes to protecting information across the organisation
The five things you must know to effectively manage the risk
While the cyber threat isn’t new, cyberspace allows crime, espionage and protest to happen at a pace, scale and reach that is unprecedented. When confronting this challenge, it is easy to place a lot of focus on technical solutions. However, as recent public breaches have demonstrated, people are often the weakest link when it comes to cyber security
Therefore, there’s a need to frame the complex problem of cyber security in a way that everyone can engage in; from senior executives right through to all staff. The Five Knows of Cyber Security represents a significant shift in focus - from a technology discussion to one where senior management can engage in and contribute to the effective management of cyber security risk.
Know the value of your data
You need to know what value it has, not just for your organisation and customers but also the value to those who may wish to steal it. All data has value to someone.
Know who has access to your data
You need to know who has access both within an organisation and externally, like who has ‘super user’ admin rights in your organisation and within your trusted partners and vendors.
Know where your data is
You need to know where your data is stored. Is it with a service provider? Have they provided your data to other third parties? Is it onshore, off-shore or in a cloud?
Know who is protecting your data
You need to know who is protecting your valuable data. What operational security processes are in place? Where are they? Can you contact them if you need to?
Know how well your data is protected
You need to know what your security professionals are doing to protect your data 24/7. Is your data being adequately protected by your employees, business partners and third party vendors who have access to it?