National Cybersecurity Awareness Month
by Joshua Easters, C.I.O. of Diversicom
The Importance of Cybersecurity
This October, National Cybersecurity Awareness Month is commemorating its 15th year as an annual initiative to raise awareness about the importance of cybersecurity. The U.S. Department of Homeland Security leads this initiative to ensure every American has the resources they need to stay safer and more secure online.
Daily news articles make it clear that cyber-threats have become significant, and businesses large and small are susceptible to them. Online activity continues to expand exponentially as time progresses; and with this expansion of use, cyber-criminals are taking every opportunity to exploit users of online services for their own personal gain. It is imperative while utilizing online services to ensure that users remain vigilant to the many possible threats that are there to protect their identity, their businesses, and their financials.
Notable Corporate Breaches
From a business perspective, there are a multitude of threats to look out for. Just last month, Facebook experienced the largest data breach in the history of the company. During the breach, at least 50 million users of the social media service were fully exposed to the hackers who utilized a bug in Facebook’s coding to gain access. This breach allowed full access to everything within those accounts including all private messages sent and received by the users. Events like this bring the sobering reality that even Facebook, with a market capitalization of nearly 500 Billion dollars and huge cybersecurity teams, is susceptible to these threats; threats that now leave over 50 million users questioning who now has their private information.
Breaches such as the one affecting Facebook follows other notable breaches occurring this year such as the breach affecting 368,000 records at Florida Virtual School and the breach in April affecting 1.5 million records at SunTrust Bank. These events represent significant risk to personal and financial data.
The breaches at the corporate level are enough to cause concern for individuals. Monitoring accounts for any suspicious activity and changing account passwords immediately after hearing of a breach is crucial to minizine personal risk. In addition to the risk that corporate breaches have at the individual level, it is important to remain aware of possibly risky situations while you are using online services. A few key things to look out for:
Security of your WIFI network – Hackers are now frequently finding networks in public places that they can penetrate or mimic (coffeeshops, hotels, etc). If the hackers can get your device to join their network, they can gain access to your system and even log everything you type on your device. We would recommend that you never access online banking or send confidential information while on a public network. Be very careful that you are connected to legitimate public networks, and always work under the assumption that if you are on a public network, there is a chance that your information might be public as well.
OS version of your devices – OS developers such as Apple, Google, and Microsoft are constantly updating their coding to combat potential threats, but to take advantage of their engineering you must update your devices. We recommend keeping the OS versions of your mobile devices and computers updated on a very consistent basis.
Awareness of scams – Scams have become a huge business for criminals, and there is a flavor of scam for everyone. Business scams, lottery scams, blackmail scams, romance scams; the list goes on and on. Remember, if an email from someone you know looks suspicious, reach out to the sender and verify that they did in fact send the email. Never give personal information to someone you do not actually know; and if something sounds too good to be true, it probably is.
Email attachments – Be extremely careful that you are 100% sure an email attachment is safe before opening it, even if you know the sender. Verify with the sender directly prior to opening it, or make sure that your computer has antivirus that actively scans files before fully opening them.
Risk mitigation within businesses is crucial to the survival of a business. In Florida, the Florida Information Protection Act (FIPA) places strict requirements on businesses with regard to data breach.
Businesses throughout Florida that maintain records of client data, regardless of industry, are subject to large fines in the event of a breach in addition to the negative PR associated with the client notification requirements.
FIPA is just one regulatory requirement affecting any commercial or governmental entity that acquires, maintains, stores, or uses personal information of individuals; specific industries can be subject to their own regulatory bodies such as HIPPA (medical) and FINRA (financial services). It is imperative that your business remain as protected as possible from a breach, and that you have a business plan in place to mitigate the impact of a breach should one occur. Here are some steps to ensure that your business is as prepared as possible:
Make sure that your network is fully up to date with security hardware and software to block potential threats before they reach you.
Educate employees on the potential threats to your business to turn your employees into a line of defense against cybercriminals. Employees pose the greatest risk to your business from a cybersecurity perspective, so it is crucial that you invest in the education and tracking that they need to be as informed as possible.
Make sure your network is documented and monitored consistently, so that any potential security threats can be dealt with proactively, before any information is stolen.
Have your documented business plan for data breach readily available. In the event of data breach every minute that passes is costing you money. You cannot afford to delay action following a verified breach.
Buy an insurance policy that covers your exposure to cybersecurity risk. These policies are generally not cost prohibitive, and come at a lower rate if you have a reputable MSP managing your network. If a breach were to occur on your network, a proper cybersecurity insurance policy could save your business.
How To Learn More
Cybersecurity is a daunting subject that covers so many aspects of personal and corporate life. Diversicom has been at the forefront of business-centric cybersecurity for nearly 20 years. We find that the combination of proactive management and education have been the key to minimizing risk for our clients. Our services offer what your business needs to proactively block cybersecurity risk through education, monitoring, management, and strategy planning.
To learn more about National Cybersecurity Awareness Month, visit: https://www.dhs.gov/ncsam
To learn more about Diversicom’s services, visit: http://www.diversicomcorp.com
To attend our free cybersecurity seminar and breakfast this month, visit: http://www.tampaitseminar.com