Cyber Security Prevents Cyber-Attacks
The term “cybersecurity” is hard to define without using technical verbiage. For some entrepreneurs, it is something they intend to address, someday. Yet today’s tasks keep shoving someday, out of the way.
Without the internet, cyber-attacks would be orphans. Cyber security threats are just as critical to your business’ success whether you keep internet interactions to a bare minimum or dive in headfirst and stay there all day long. As you will see later, email is often your first encounter with potential cyber-attacks.
Cyber Security Lesson #1
Don’t take candy from strangers and don’t let them eat your lunch.
Most adults wouldn’t take candy offered by a stranger or surrender their lunch to someone they didn’t know and watch them eat it. However, add the internet to the equation, and rational thought sometimes goes into “sleep mode.”
Banks, government organizations, and legitimate businesses don’t use unsolicited phone calls or emails to solicit your personally identifiable information. Authentic requests for information required to conclude business transactions or fulfill legal obligations occur during regular hours from people who identify themselves, their reason for calling and leave contact information.
Cyber Security Lesson #2
- Malware – code with malicious intent, installed without notification on your computer that steals data or destroys part of your system
- Prevention – avoid clicking on suspicious links, deploy firewalls, apply computer system security updates so malware will not install
- Phishing (pronounced “fishing”) – requests for data, usually in an email, posing as a trusted third party to induce you to surrender information that will be used to steal your identity.
- Prevention – verify email requests from institutions by phone using the number posted on the actual trusted third party site, not the phone number listed in the email.
- Password attack – outside attackers, try to crack your password
- Prevention – use strong passwords and reset them with new secure passwords on a regular basis
- Denial of Service (DoS) attack – outside attackers send high volumes of traffic until your network is overloaded and can no longer respond
- Prevention – remove your network from the internet until the assault ends
- “Man in the Middle” (MITM) Exploits – attackers masquerade as the endpoint in an online information exchange (e., connecting your smartphone to the free WiFi at a coffee shop) to harvest your credentials and impersonate you.
- Prevention – always use encrypted wireless access points (https connections)
- Drive-By Downloads – visiting a legitimate website infected with malware allows the malware to download onto your computer and install itself.
- Prevention – updating your operating system and software programs prevent the malware from installing
- Ransom ware – malware infects your system are holds essential data hostage until you pay the ransom, and normal operations resume.
- Prevention – updated firewalls, anti-virus and anti-spyware programs prevent malware from installing
- Social Engineering – attackers, masquerade as friends from your social media connections to extract the information necessary to steal your identity.
- Prevention – ask your friend if they sent the request before responding to it
Cyber Security Lesson #3
Did You Know?
- One in Three Americans were Hacked in 2016 | https://www.munichre.com/HSB/hack-survey/index.html
- 43 percent of cyber-attacks target small business | https://smallbiztrends.com/2017/01/cyber-security-statistics-small-business.html
- 95 percent of breached records came from three industries in 2016: Government, retail, and technology | http://www.techrepublic.com/article/forrester-what-can-we-learn-from-a-disastrous-year-of-hacks-and-breaches/
- Over 75% of health care industry became infected with malware in 2016 | https://www.scmagazine.com/75-of-healthcare-industry-hit-with-malware-report/article/569614/
- The median number of days attackers stay dormant within a network before detection is over 200 | https://swimlane.com/10-hard-hitting-cyber-security-statistics/
- Human attack surfaces (number of internet-enabled devices) projected to reach 4 billion people by 2020 | http://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics-for-2017.html
- Only 38 percent of global organizations claim they are prepared to handle a sophisticated cyber attack | https://swimlane.com/10-hard-hitting-cyber-security-statistics/
- 68% of funds lost as a result of a cyber-attack were declared unrecoverable| https://www.go-gulf.com/blog/cyber-crime/
- 64% of companies have experienced web-based attacks. 62% experienced phishing & social engineering attacks. 59% of businesses experienced malicious code and 51% suffered denial of service attacks | https://nudatasecurity.com/blog/scary-cyber-halloween/
Cyber Security Lesson #4
Cyber Security Measures Every Entrepreneur Should Consider
- Use password manager software that stores all your secure passwords in a “vault” accessible by you from any of your devices and only requires you remember a single “master password” to open your vault
- Create secure passwords that use a blend of uppercase and lowercase letters, numbers and punctuation marks
- Reset all your passwords on a regular basis
- Set a session time out value that logs you out if the system in inactive for a certain number of minutes
- Require prior approval for all outside storage devices or other peripherals employees bring to work
- Require permission for installation of additional computer software by employees
- Establish Mobile Management Device (MDM) software that allows enrollment for in-house mobile devices
- Encrypt business-critical data
- Regularly backup sensitive data and store one copy off-site
- Set up remote wipe procedures like Android Device Manager and iCloud services for your devices
Cyber security is a trade-off between convenience and protection. Cyber security adds extra time and steps to your business processes. A single successful cyber-attack can destroy your business, credit rating, savings, reputation, and future opportunities.