CIOReview
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
| | DECEMBER 20228CIOReviewIN MY OPINIONAlvarado is a digital risk specialist with 19 years of expertise in the IT industry. He is responsible for assisting enterprises in identifying digital risks and recommending solutions or controls to close the gaps. He is also a certified IT security specialist who is familiar with endpoint security, vulnerability management, identity management, data loss prevention, threat remediation, and best practices for securing IT infrastructure. Prior to cybersecurity, he spent 11 years working in high-speed manufacturing.HOW TO MINIMIZE THE IMPACT OF CYBER ATTACKS ON BUSINESSES?As the director of IT security, Could you explain a little bit more on what you've seen in the security landscape in your line of work?Criminals have found cyberspace to be an increasingly appealing hunting ground over time. There are two reasons for this; first, people today are more connected to internet-based stuff. Our devices are connected to the internet, transactions are taking place, and we are trying to connect in a variety of ways. While an increasingly connected world makes our lives easier, we also need to think about the security that comes along with it. Most companies are already leveraging technology, and for those who don't, a pandemic has forced them to do so. Growing tech companies have opted to make remote work easy for their employees, which enabled cybercriminals to touch anything that connects to the internet remotely. We know that Data is now the `new black gold' for the hackers. They want your data to either sell or exploit it and to use ransomware to extort money from you. That is why cybercrime activities are lucrative in the industry. Second, breaches occur because big businesses do not do enough to put the right controls in place, resulting in a shortage of cyber security and cyber professionals to do the job. If the technology exists to help criminals in committing cybercrime, it also exists to keep them out. You make it much easy for them if you don't secure your organization. Many businesses are utilizing technology such as AI and ML that allows them to be more efficient and automated today, but some firms still do not, either because they are unaware of it or because they do not want to spend the money for it.Could you elaborate on some of the best practices that businesses may use to improve their security?Establishing a governance and compliance structure is one of the greatest initiatives. I first began working in the IT business, and I found that many organizations lacked a clear standard operating procedure and framework in place to set that governance. The framework consists of standards, guidelines, and best practices to manage cybersecurity risk. That's why the government had to start regulating and enacting rules in place because big business was not doing enough. Security has been split into two categories: operations and governance and compliance, which helps to keep everything under check. The operational side is responsible for securing things that people use An Interview With Mark Alvarado, Director of Cyber Security & IT Compliance, Academy Sports + OutdoorsMark
< Page 7 | Page 9 >