Building a Data Security Strategy¶

Ivor Padlock invites Sidney Seeker, Gary Geeke and Lemmie Stage to a meeting to discuss the data security strategy. Lemmie and Gary describe their processes to secure the IT systems. They use certificates, a firewall and SSL on the internal network, along with strong passwords on administrative user accounts.

Sidney asks if the security of the systems has ever been tested, but an expert - or using advanced tools? The answer was "no".

Sidney explained that cyber attackers are using sophisticated tools that include AI to penetrate organizations and steal information. They have a lot of computing resources to pound an organization's systems, looking for vulnerabilities. They may also use social engineering (such as phishing) to get information from employees. Since cyber threats are not static and evolve rapidly it is necessary to perform regular audits and assessments to stay one step ahead of the threats by identifying and mitigating potential vulnerabilities before they can be exploited.

Ivor realizes that this is a serious situation. Coco Pharmaceuticals' future depends on taking care of its intellectual property and reputation. Both are at risk from cyber attacks. It needs to take steps to protect their data and ensure that it is safe and secure. He asks Sidney to help him build a briefing for the board to raise awareness of the situation and request further investment in IT security.

Supporting the Data Security Strategy¶

A key finding of their analysis was that Ivor needed specialist help to monitor, test and improve the security of the IT systems. As a result, Coco Pharmaceuticals hire Simon Burr (known as Si to his friends) to lead their Cyber Security practice.

Raise an issue or comment below