We’re Hyper-Connected. But at What Cost?
Date: Sep 22, 2016
Guest Post: Jason Witty
CISO, Financial Services
A LinkedIn Blog
Technology is pretty amazing, isn’t it? We, as a society, have become “hyper-connected,” and not just to each other – “things” are more connected than ever as well. But is that good or bad?
The short answer is – both.
Life has improved with technology, no question. It’s fun to think of a future where your personal device receives a message that you need more milk, which then sends a signal to your grocery service which then delivers it to your door. But the more connected we are, the more opportunities there are to break and even attack those connections. Cars that could be remotely controlled by an attacker? A new need for a firewall in front of your pace-maker? Really?
Cyber-attacks, ransomware and digital hacking. Not nice words. All of these attacks have been on the rise in the past five years keeping people like myself very busy. When these attacks happen, we as a society always want to find somebody or something to blame. Oftentimes it seems we blame the victim, but why?
Think about it, the level of policing in the physical world is extremely different than the cyber world. In the cyber world it is much more challenging to catch and prosecute hackers. There is no equivalent of 911 emergency services for the Internet, nor the equivalent of a local fire or police department.
So what do you do when you get hacked or your business gets hacked? What do you do when you receive the message from thieves asking you to pay up before they will give you back your data? Unfortunately, there is no quick fix. International law enforcement is very challenged by cyber-attacks and ransomware. They do not always have enough resources within the government and/or police departments to handle some of these more sophisticated attacks, but some are making progress.
What we can do is to be prepared and try our best to avoid falling victim to a successful cyber-attack. I want to first stress the importance of cybersecurity preparedness, education and training.
The number one overall risk in cybersecurity is end-user behavior. If your employees have every protection and antivirus software possible, but still click on that “phishing” email and give away their credentials, that could pose a significant risk and can potentially harm your company’s network.
Companies should have a plan in place before a breach occurs so all relevant parties can be notified to take the necessary steps to protect their data. Businesses need to implement cybersecurity protocols into plans now so it is not a re-training but a continuous training for future leaders. And professionals in charge of combating hacking need to be very educated on how to prevent emerging threats. It is equally important to be involved in cyber-threat intelligence and information sharing groups – successful defense became a “team sport” many years ago.
So what can you do to protect your business and yourself? Here are some tips for businesses and consumers. If these are familiar to you – good, they should be. I hope you are executing these in order to protect your business, employees, customers and yourself…