David Miller, CSO, Covisint
David Miller, CSO, Covisint

The latest security threat to reach mass notoriety - the Heartbleed SSL vulnerability – has caught the attention of businesses, media and Internet users across the world. And for good reason. Real identities and real data on a large scale are at risk. In our fast-paced, data-centric digital culture security risks are inevitable, but by and large the crisis plans and reaction times have been surprisingly slow. We're finally approaching a tipping point where security will reach top of mind. In fact, many experts already expect an increase in security spending this year and beyond.

The security industry's move toward accepting that threats and incidents will occur despite best efforts for prevention further heightens the importance of preparation. The response to a threat, and subsequent time to resolution, has become more important than preventing the threat outright - if only because the latter is near impossible.

In the face of a threat like the Heartbleed SSL vulnerability, a few key areas come to mind where preparation can help businesses prevent tons of scrambling and question marks when future threats crop up.

There have been many reports of a cybersecurity skills shortage. Finding good talent in the near and long term will be crucial to organizations, particularly those with sensitive data on hand. Employing security experts allows you to determine how serious the problem is for your business.

What most businesses need to know right away is if the threat is affecting every customer or employee, or if it is affecting just a sub-set. What about geographies, regulations and international efforts? Answering these questions requires a thorough, proactive inventory of all systems and architectures so you can quickly patch the right technology. Pairing great talent with great process facilitates speed-to-decision-making, which increases profits and decreases losses, putting a staunch in the bleeding before too much damage can occur.