At Amazon AWS re:Invent 2019, I met a business leader who was facing data security issues with endpoint devices. We exchanged our mail IDs, and within a week, we had outsourced our security resources to aid his business in developing a robust security solution. It took us close to 7 months to develop tools and train the company resources. Our company even went ahead and provided a training session to everyone in the staff to deal with spammy emails to malware attacks.
The business leader was satisfied with how the objective was achieved. When you deal with cybersecurity, the question is—how and when—it’s not about the why. According to Cybersecurity Ventures, by 2021, cybersecurity is projected to cost $6 trillion, and according to Verizon, small businesses (less than 250 employees) were the target of attack 58% of the time. No matter what you do protect your business from hackers, cybersecurity will be a moving target.
The current malware attack techniques are organic, so every organization needs to be on its toes when dealing with cybersecurity risks. In November, Inc. surveyed CEOs and other senior executives from more than 150 organizations. The question was raised about the confidence in security both in corporate and personal data. The result gave an interesting view—about 53% of the respondents said that they feel more confident about their corporate data, compared to 5 years ago, but when it comes to personal data, only 28% agreed to have felt protected.
Whether data is secured or business is secured are two different questions, but completely interconnected. Matt Singley, Founder of Chicago real estate firm Pinnacle Furnished Suites, said in a statement that they are concerned about the new methods being used by hackers, but still are confident when it comes to managing different security situations with current defense. One way the business does protect users’ data is storing the customer’s information only when necessary, performing regular device audits of the system and data, which will reduce the impact during the breach.
Though the current impact of a data breach is felt right from any product usage to simple information sharing notification, the CEO of wealth management firm Regal Financial Group said in a statement that his company faces security threats that are both complex and large in numbers. The company is countering the increased security threat by providing security awareness training for every employee and hiring cybersecurity consultants to recommended changes. The company has realized over time that every business needs to work on its security strategy; however, every time the business grows, it will need an improved ability to identify potential threats.
Advanced hacking techniques aren’t the only factor that has made the security more challenging for the businesses; remote work location is creating a bigger void for the businesses. The CEO of Nyla Technology Solutions, Shana Cosgrove, said in a statement that more and more people in business are using different devices to access data. The company provides software and cybersecurity services to the Department of Defense; thus, as the number of a platform for management increases, it’s increasingly difficult for any business to manage the same.
Jack Wight, CEO of device rebate company Buyback Boss, said in a statement that his company is constantly under attack from hackers who try to gain access to various bank account information. The scammer usually calls the company, portraying as the vendor over email, and asks for wire payment. The company has implemented a policy of calling the vendor before any type of payment is being made toward him. 5 years ago, everything was operating on a much lower scale, but today one needs to deal with the scammers on a daily basis.
When it comes to data and security, you cannot separate one from another. A security expert working with the US Army and many Fortune 500 companies said that whenever there is a threat, they assume it’s the worst kind. Considering every information is not secured, and for protecting, they use robust techniques so that in case one system fails, others can always step in.
Now that everyone had established that there is a threat looming somewhere in the background for data, whether it’s just a tool or technology, you need to have a wait time and attack time.
The US recently accused 4 members of the Chinese military, and they were charged with breaking into the network of the company Equifax. Equifax is the largest credit reporting agency and has over 800 million customers and more than 88 million businesses worldwide. The US Justice Department blamed Beijing for one of the largest hacks in history to target consumer data.
The hackers during the 2017 breach stole the personal information of over 145 million Americans, collecting various data types such as names, addresses, social security and driver’s license numbers along with other data stored in the business website. The scale of the attack and what it has been able to capture raises many questions about the security of businesses dealing with sensitive security information.
Here are some steps that leaders could implement for better protection against threats:
- Changing the approach and culture of an organization. “Everything is ok” is not a solution; assume you are a target.
- Constantly make the necessary training available for every employee to improve the level of vigilance and awareness about the possible risks and threats that exist.
- If you don’t have the resources in-house, the organization needs to identify the provider who can help conduct the risk assessment, identify the cyber threats that are or will affect your business. Develop an incident response plan and implement the countermeasures to mitigate the high probability of threats.
Start-ups and small businesses are more prone to cyberattacks; the rising digital transformation, mobility, and ignorance toward security regulations are the most common reasons triggering the pitfall. Securing a business infrastructure and overlooking internal threats is one of the major reasons why most organizations fail when it comes to building a robust security strategy. In 2020, data threats will be bigger, larger, and better; ARE YOU READY FOR IT? To know more about security threats, download our latest whitepapers on Security.