Braden Perry Featured as Expert in Proactive vs Reactive Cybersecurity Article
VPNRanks highlights Braden Perry, among other experts, in an article on proactive vs reactive cybersecurity models. Most companies use reactive cybersecurity which includes implementing defense mechanisms like antivirus software, firewalls, password protections, spam filters, and ad-blockers. The reactive approach has proven to be useful, but companies should not rely solely on this strategy as their primary defense mechanism. Proactive cybersecurity, which can assist in preventing an attack from ever happening, has proven to be effective in identifying vulnerabilities in a system. This strategy implements bug hunting, extensive network monitoring, ethical hacking, employee training, and independent security audits.
“Braden, who is a Cybersecurity Attorney has this to say about proactive and reactive cybersecurity. If the forest becomes too dense to see the trees and the tone at the top (i.e. the CISO) allows the company to become reactive, meaning that they do not anticipate issues but wait for issues to arise and then act or react. This leads to short-sightedness, looking at the near-term, and not focused on long-term goals. This is opposed to the proactive approach and forward-looking, not only in anticipating issues that might arise but in having clear directions and goals.”
To read this article in full: https://www.vpnranks.com/blog/proactive-vs-reactive-cybersecurity-expert-opinions/
About Kennyhertz Perry’s Privacy, Cybersecurity, and Breach Management Practice Group
Kennyhertz Perry assists clients with data security needs, blending traditional legal experience in the corporate and litigation arenas with technical acumen.
We assist clients in prevention, developing robust information security programs, including administering internal compliance and risk assessments, which include the development and implementation of corporate policies and procedures required for compliance with state and federal privacy and security laws, and information security best practices; information security policies; records retention and management policies.
In addition to prevention, Kennyhertz Perry can prepare security incidence response procedures, identify, assess, contain, and mitigate privacy and security breaches, and work with law enforcement to assist in the investigation of the incident. Businesses that are the victims of cyberattacks also must determine when and how to cooperate with government agencies during investigation of an attack, and how best to do so. The lawyers in our privacy and cybersecurity practice, as well as members of our Government Enforcement practice group have deep experience, from both government and private practice, in this area, and help companies navigate the often complicated interactions with government agencies, and can provide both counseling and representation where the threat of prosecution may arise.
Kennyhertz Perry also assists with IT resiliency understanding and engaging at the top management and board level. Traditionally, IT has been misunderstood, and management would not understand the role and responsibility of IT departments. Kennyhertz Perry bridges this gap at all level. At the Board level, directors not only need to be sophisticated with business issues, they also need to be versed in today’s cyber and IT. Translating an understanding of the importance of a proactive IT security policy, and feeling like the company is “on board” with IT security efforts. Many companies have very robust policies and procedures for their business processes, which sophisticated Board members can understand. IT is different. It’s a different language for a business person, and unfortunately most Board members will ignore or defer on issues they don’t understand. So when an IT department presents a robust plan for proactive IT security, it may go ignored or disregarded. This can lead to a reactive plan only that focuses on the “when” as opposed to prevention. IT is a different language. We serve as Board IT/cybersecurity liaison to be the “go between” and translate the IT language into business and vice versa.
*The choice of a lawyer is an important decision and should not be based solely upon advertisements.