Madison, WI (September 27, 2017) — Cybersecurity and privacy now go hand in hand, with breaches at an inevitable state within all organizations.
“No one entity can be smart enough to fight it all off — we have to work together with other businesses across all industries,” said Cliff Mason, president of Madison-based Total Administrative Services Corporation (TASC).
That was the takeaway from a panel of world-renowned cyber and data security experts at a recent forum hosted by TASC. Speakers at this free conference included David Bray, former CIO for the FCC, Steven Chabinsky, former deputy assistant director of cyber for the FBI, and Shane Harris, a journalist who covers intelligence agencies for The Wall Street Journal. The event drew attention to the need for higher standards in cyber and data security from America’s leading services providers in every industry…
“You need to assess what is important to you, how you’re going to manage it, and how effort and resources you will commit to protecting it,” said Dan Rashke, CEO and owner of TASC. “We hosted the forum to gather ideas that will help others be better equipped to make that assessment as well.”
The recent Equifax hack, estimated to impact more than 200 million Americans — means that cybersecurity is top of mind for many. And that’s a good thing, because the threat is always there, even if the fallout of one of the largest security breaches in history isn’t dominating headlines.
As a provider of third-party employee benefits administration services, TASC’s highest priority is protecting the private data and money of its millions of American customers. In recognition of the massive threat from cybercriminals around the world, TASC made the investment in the cybersecurity and privacy forum to bring together the brightest minds in the field to foster ideas and collaboration in support of fighting cybercrime.
“It does not take expert technical talent to hack anymore; the geniuses are the ones creating the software programs that the (inexperienced) hackers pay to use,” said Don Codling, retired Unit Chief, FBI Cyber Division, and a speaker at the forum. “The tools nation-states used to have are now available on the internet for anyone to deploy.”
Too many companies view cybersecurity as the IT team’s responsibility, and take an inward-focused approach. If they make sure that all of the data stored internally is protected and encrypted, organizations feel safe. But that approach can create a false sense of security if companies are naive to the risks mismanaged third-party vendors can present to their own data and their customers’ data.
Through this conference, TASC brought awareness of the need to vet third-party vendors for their security standards, which should be a step in the creation of businesses’ own cybersecurity and privacy crisis management plan. Organizations need to realize that security measures are only as strong as the plan and the capacity to ensure its around-the-clock adherence by putting it to practice on a regular basis.
“(It is) negligent for a company to not recognize the level of importance and power around your customer’s data,” said Riad Amro, director of information security at TASC. “It is your responsibility to act according to the level of security measures needed to protect that. Put yourself on the offensive side; put your organization in a position to handle a breach — have your incident response plan ready.”
