Lost on where to start with cyber security?

The world of cyber security is daunting to many people. With so many terms and devices talked about, it can look like a very confusing world. Where should you start, though? What should you protect yourself against? If these questions are answered incorrectly, the result can be devastating for an organization.

Thanks to organizations like OWASP, starting points for securing your assets can be established. With the changing dynamics of many organizations, it is hard to determine what a standard security model should look like. However, there are two very important areas that every organization should protect: mobile devices and privacy.

If you are implementing a BYOD (Bring Your Own Device) model in your organization, there is a list of very important things to watch for when it comes to mobile devices. The list is as follows.

  • Weak Server Side Controls
  • Insecure Data Storage
  • Insufficient Transport Layer Protection
  • Unintended Data Leakage
  • Poor Authorization and Authentication
  • Broken Cryptography
  • Client Side Injection
  • Security Decisions Via Untrusted Inputs
  • Improper Session Handling
  • Lack of Binary Protections

When it comes to protecting privacy, where do you start? In the infographic below, OWASP illustrates the top 10 privacy risks to any network. Starting with the areas it lists can not only help secure the privacy of the users on your network and their data stored on it, but can also help strengthen your network's posture. Many of the threats listed can also be jumping-off points for larger attacks.