Randtronics Logo

Cybersecurity Tips for 2022

Cybersecurity Tips for 2022

There has been a relentless increase in the frequency and severity of cyber-attacks over 2021 and we should expect further volatility as we delve into 2022. This article aims to offer insight as to how you can best protect your business from becoming another cybercrime statistic.

The first piece of information that we are going to offer you is that The Bare Minimum Is No Longer Enough. For many years, companies could get away with just firewalls and standard data security software that came pre-downloaded on their laptops. Not anymore. Hackers have gotten smarter and hungrier, computers have become more complex, privacy laws now force companies to try harder. Measures used to fight cybercrime have had to adapt and upgrade to compete with the growing threats. Essentially, companies need to consult with expert cyber security companies specialized in the field to understand their requirements.

Secondly, De-Identifying Data is best practice for data privacy. A method of de-identify data is the most important step to achieving holistic data protection from a variety of issues e.g., data breaches, ransomware, and compliance fines. Many privacy-based compliance laws are centered around requiring businesses to de-identify their client’s data, whether it be credit card information, health records, or addresses. Encryption, tokenization. and masking are all effective ways of ensuring that even if your data is stolen, it is still protected.

Thirdly, hackers are far less likely to attack a business that encrypts its data. Cyber Criminals are smart and unwilling to put time into cracking an encryption code. They wouldn’t try and steal data that is encrypted because once they get it, it would  take them many many years to crack an encryption code, with no guarantee the data is worth anything. Instead, they target companies that utilize basic defense systems such as firewalls, full disk encryption, anti-virus software, etc. These cyber measures have their place in cyber security and are needed but can be bypassed easily by an experienced hacker. Not all encryption methods are equal.

Finally, auditing access and threat detection should also be used. In the coming years, many Countries Governments wish to be notified within 72 hours of a data breach, or penalties may apply. Auditing file activity is a necessary component to determining where the issue came from and who caused it. Auditing is not a feature that comes standard with operating systems and ties back into the fact that companies can no longer get away with the bare minimum. One needs to be aware that Auditing is an “after the event” indicator and does not actually provide any technical control to block or stop that event.  

If you want your company to be threat-free in 2022, you need to consult a Cybersecurity expert ASAP and understand what data security solution would be best tailored to your industry. With the information you provide them, they will likely point you in the direction of an encryption, de-identification masking solution that has auditing and key management properties.

If you wish for a free consultation with a cyber expert about your businesses specific privacy needs send an email to: enquiry@randtronics.com

If you wish to find out more about Randtronics encryption solutions visit: www.randtronics.com

Letter from the CEO

Rantronics Logo

Thank you for visiting the Randtronics website.

We make enterprise encryption easy.

Smart businesses already know that only encryption can reduce the attack surface and stop the hackers from stealing their sensitive data. A company that only uses encryption is more secure than a company with all other cyber security measures. Privacy standards such as PCI DSS, HIPAA, and GDPR are all mandating in law the protection of the citizen’s personal data. Fines for breaches are huge. You won’t get fined if your firewall is hacked. You won’t get fined if you suffer a virus or ransomware attack. You WILL get fined if you lose ANY personal data pertaining to ANY citizen. The lowest common denominator is the DATA. Data that is “Encrypted” is out of the scope of the Law.

Whilst all understand the need to protect sensitive data holistically (such as NIST Cyber Security Framework or 12 prescriptive PCI DSS guidelines) their cyber security priorities are misguided to say easy aspects and not addressing “what happens” when these fail? Encryption of data is the only direct protection measure that renders data unreadable compared to upgrading firewalls or virus and malware, IPS, log monitoring, etc. I am saying you need all methods but unless you have implemented enterprise grade encryption you are still unprotected like driving a car without “seatbelts”. “Enterprise grade encryption” as a cyber measure is the “seat belt” that saves lives in car accidents. Industry experts predict a relentless continuation of data breaches this year and penetration testing have proven perimeter defense is easily penetrable.

Randtronics has taken the challenge to make encryption easy and is innovating in many areas. We have already reduced deployment effort to days, use familiar standard components so that less skilled people can deploy and maintain systems.
I welcome discussions via email or phone as through your feedback we will be challenged to continue to innovate to the point where businesses and users do not need to be intimidated when using encryption as the worlds most powerful tool to protect their sensitive data.

Experts predict data breaches will continue at relentless pace, let Randtronics secure your business with “Enterprise grade ubiquitous encryption technology”. Time is of the essence. Why not be pro-active? I invite you to let Randtronics and its global distributors and resellers assess and assist your business directly.

Yours sincerely,
Bob K Adhar, BE, MBA, CISSP
Founder and CEO