Fraud Protection

Arm Your Cybersecurity Team Against Threats

Arm Your Cybersecurity Team Against Threats

Research shows that it takes only a few days to breach a business’s data, but businesses discover less than 25 percent of those breaches in the same amount of time.1 Companies often feel the impact of a security breach far beyond lost revenue; a breach can result in blows to their reputation, customer satisfaction and sense of safety in the aftermath.

Applying proactive measures can help prevent costly security breaches, which security technology company McAfee estimates result in more than $400 billion in losses to the global economy each year.2

Here are five of the industry’s best practices to help your cybersecurity team work efficiently and successfully within your company:

1. Build a dialogue around cybersecurity from the top

Security discussions should start with the C-level executives at your company and work down, says Brian O’Hara, senior security consultant at Rook Security. Similarly, cybersecurity should have a place at the table during large project discussions to ensure managers keep security top of mind.

2. Separate the chief information security officer duties from the chief information officer role

Often, the role of a chief information security officer is lumped into the chief information officer’s duties and is then overlooked. To best organize your security department, the two should be separate. “Ideally, have the security officer role not report within IT,” says Manoj Garg, a consulting chief information officer and managing partner of Virtual Information Executives.

3. Provide your team members with access to outside resources

Make sure your department has points of contact with outside organizations, such as the Information Systems Security Association and InfraGard, to get reliable information in case of a problem. These resources can provide you with up-to-date information in the event of a dangerous breach and teach you what to look for to prevent cyber attacks.

4. Invest in human solutions, not software solutions

A quarter of all security incidents in 2013 were the result of human errors, according to Verizon’s 2014 Data Breach Investigations Report. And while only 2 percent of the incidents resulted in actual breaches, human mistakes are among the most straightforward security problems to solve.

“It’s really about what’s between our ears, not the box you can buy,” O’Hara says. Routine business processes are particularly prone to errors. Sending emails with documents to the wrong address, for example, could expose sensitive information, and failing to apply a WordPress patch to a software update could leave a website vulnerable.

5. Consider using an outside firm to monitor alerts

Similarly, costly security and detection systems are useless if your team doesn’t know how to use them properly. Garg recommends implementing multiple layers of security, such as firewalls and antivirus systems, as well as working with an outside firm to filter through the flood of alerts security monitoring systems produce. 

“Doing this right requires a very high degree of expertise, and one should leave this to the experts,” he says. They can filter the critical alerts from the low-risk ones, freeing up your team to focus on big-picture projects and solutions.

There’s no one-size-fits-all cybersecurity solution, but understanding your business’s needs—and restructuring accordingly—is an important first step in making sure your IT department is prepared for anything.

1 “2014 Data Breach Investigations Report,” Verizon

2 “Net Losses: Estimating the Global Cost of Cybercrime,” June, 2014, Center for Strategic and International Studies, Intel Security

This content does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.


Investment and Insurance Products:

Are Not FDIC or any other Government Agency Insured   Are Not Bank Guaranteed  May Lose Value 

© 2018 SunTrust Banks, Inc

equal housing logoSunTrust Bank is an Equal Housing Lender. Member FDIC

equal housing logoEqual Housing Lender. SunTrust Mortgage, Inc

SunTrust, SunTrust Mortgage, SunTrust PortfolioView, SunTrust Robinson Humphrey, SunTrust Premier Program, AMC Pinnacle, AMC Premier, Access 3, Signature Advantage Brokerage, Custom Choice Loan and SunTrust SummitView are federally registered service marks of SunTrust Banks, Inc. All other trademarks are the property of their respective owners.

Services provided by the following affiliates of SunTrust Banks, Inc.: Banking products and services are provided by SunTrust Bank, Member FDIC. Trust and investment management services are provided by SunTrust Bank, SunTrust Delaware Trust Company and SunTrust Banks Trust Company (Cayman) Limited. Securities, brokerage accounts and insurance (including annuities) are offered by SunTrust Investment Services, Inc., a SEC registered broker-dealer, member FINRA, SIPC, and a licensed insurance agency. Investment advisory services are offered by SunTrust Advisory Services, Inc., a SEC registered adviser. GFO Advisory Services, LLC is a SEC registered investment adviser that provides investment advisory services to a group of private investment funds and other non-investment advisory services to affiliates. Mortgage products and services are provided by SunTrust Mortgage, Inc.

SunTrust Mortgage, Inc. - NMLS #2915, 901 Semmes Avenue, Richmond, VA 23224, 1-800-634-7928. CA: licensed by the Department of Business Oversight under the California Residential Mortgage Lending Act, IL: Illinois Residential Mortgage Licensee #MB-989, Department of Financial and Professional Regulation, 100 W. Randolph, Suite 900, Chicago, IL 60601, 1-888-473-4858, MA: Mortgage Lender license #-ML-2915, NJ: Mortgage Banker License - New Jersey Department of Banking and Insurance, NY: Licensed Mortgage Banker—NYS Department of Financial Services, and RI: Rhode Island Licensed Lender.

"SunTrust Advisors" may be officers and/or associated persons of the following affiliates of SunTrust Banks, Inc.: SunTrust Bank, our commercial bank, which provides banking, trust and asset management services; SunTrust Investment Services, Inc., a registered broker-dealer, which is a member of FINRA and SIPC, and a licensed insurance agency, and which provides securities, annuities and life insurance products; SunTrust Advisory Services, Inc., a SEC registered investment adviser which provides Investment Advisory services.

SunTrust Private Wealth Management, International Wealth Management, Business Owner Specialty Group, Sports and Entertainment Group, and Legal and Medical Specialty Groups and GenSpring are marketing names used by SunTrust Bank, SunTrust Banks Trust Company (Cayman) Limited, SunTrust Delaware Trust Company, SunTrust Investment Services, Inc., and SunTrust Advisory Services, Inc.

SunTrust Bank and its affiliates do not accept fiduciary responsibility for all banking and investment account types offered. Please consult with your SunTrust representative to determine whether SunTrust and its affiliates have agreed to accept fiduciary responsibility for your account(s) and if you have completed the documentation necessary to establish a fiduciary relationship with SunTrust Bank or an affiliate. Additional information regarding account types and important disclosures may be found at

SunTrust Robinson Humphrey is the trade name for the corporate and investment banking services of SunTrust Banks, Inc. and its subsidiaries, including SunTrust Robinson Humphrey, Inc., member FINRA and SIPC.