insight magazine

Inside Fraud | Summer 2016

Cyber Defense Systems are Go

If you’re not watching your cybersecurity, you’re pretty much welcoming a cyber attack.
Theresa Mack Cendrowski Corporate Advisors

If you thought technology was going to advance without risk, you were wrong.  As we grow our dependence on computer-based systems and solutions, we also grow the threat of data and security breaches.

Any organization or individual connected to the Internet is at risk of a cyberattack. And while it may be impossible to completely prevent hacker and fraudster mayhem, a solid, carefully considered cybersecurity and cyber-risk management plan can help head off the dangers.

Consider the case of the KeySweeper, a nondescript, cheap-to-make device that has big breach power. Resembling a functional USB or wall charger, most people wouldn’t think twice about seeing one plugged into a conference room outlet or near company servers.

But in reality, this hardware is capable of wirelessly harvesting keystrokes from wireless keyboards located in its proximity. Potentially that means your personally identifiable information, intellectual property, trade secrets, passwords, and more could be harvested.

With that in mind, here are five steps I recommend to help bolster your cyber defenses.

1. Identify critical data

The level of security needed grows in direct proportion to the level of your data’s sensitivity. From confidential client files to intellectual property and patents pending, data is king and therefore there’s a market for stealing it.

2. Plan what to protect

A successful cybersecurity defense plan will protect all data stored or transferred between computer systems, networks and programs. Individuals and organizations, however, face varying degrees of risk depending on their industry and operations, and the regulatory standards they are required to meet. Regardless of the parameters, managing or restricting access to specific information, data or systems is your first line of defense.

3. Detect your threats

Being familiar with some of the known risks to your data security and the methods by which fraudsters/hackers typically gain access to it is key. Much as today’s technology is ever evolving, so too are the methods by which criminals attack. Continuously monitoring your networks and environment will help you detect threats before they have the chance to wreak havoc. It will also help you keep up on the latest schemes being perpetrated. For example, emailed malicious code or malware in the form of links or attachments are popular right now. Once a user opens the attachment or clicks on the link, access could be granted to that computer or even your entire network.  

4. Plan to act

While proactively asking how to avoid being a victim is important, asking how to respond if you do become one is just as crucial. At the very least, you should have a set of best practices for responding to known common attacks on the types of information and data you regularly access. These practices should be fully developed, tested and documented to ensure a rapid response rate. Which brings us to the final tip.

5.  Be ready to recover

Lessons can and should be learned from any attack. The aftermath will highlight your shortcomings and give you the opportunity to bolster defense plans and update strategies. Learn from your mistakes and you have that much better of a chance of thwarting future attacks.

Leave a comment