In the last year, some of the biggest companies in the world were plagued by equally massive security breaches – making it clear that organizations and IT teams of all sizes are in need of security reform. Only by implementing stronger security measures and policies can organizations prevent devastating security events from continuing to take place.

Andrew Hay, DataGravity chief information security officer (CISO), recently spoke with Bloomberg BNA about the lack of preparedness among businesses and organizations when it comes to cybersecurity. Below are three tips from the conversation, all of which hinge on one critical point: companies must be proactive, not reactive, when it comes to data protection.

“Too many companies are still waiting for a disaster to land at their doorsteps before they take action to protect their data,” – DataGravity CISO Andrew Hay

Far too often, organizations don’t think about cybersecurity until it is too late. As a result, they fail to see data as one of their most valuable assets until it’s already been hacked or stolen. To take a more proactive approach begin with a few steps:

  1. Determine where your data lives. Do you know what kind of data you’re responsible for? You may be storing sensitive data you don’t even know about, like credit card and Social Security numbers, addresses and other personally identifiable information (PII). The first step to preventing a future attack is taking inventory.
  2. Educate employees. Make sure your employees are aware of security measures already in place. Often, employees or insiders are responsible for data breaches, knowingly or not. According to the Ponemon Institute, nearly 80 percent of incidents are a result of employee negligence or maliciousness.
  3. Monitor your data activity. Invest in tools that are constantly monitoring your data, alerting you to suspicious activity and movement. This allows organizations to better analyze and predict potential security risks, making it easy to get a handle on security breaches early in the process.

To keep up to date on the latest cybersecurity tips, sign up for our newsletter.