Cybersecurity gets a lot of attention today. With remote work more prevalent than ever, there’s a renewed focus on securing our digital and virtual workspaces, data, and more from seemingly far-away threats like the cyber mafia. However, the physical access to your data center, data closet, or wherever you lock away the beating heart of your organization is just as important. But many businesses, especially those that have compliance requirements related to their physical security, are often not in line with best practices in their defenses.
Cyberattacks are on the rise. It’s just a plain fact. Numerous studies, reports, and surveys have pointed to the findings that not only are cyberattacks on the rise but specifically ones designed around social engineering such as phishing attacks. Worse still – these attacks have seen an even bigger jump in frequency since remote work requirements have also increased. Cybercriminals see the amount of company devices outside the typical protections of their traditional offices being an opportunity to harvest data, lock up those devices, and make a quick buck (by the thousands). That’s why I wanted to talk to you about Umbrella (formally OpenDNS).
Start improving your cybersecurity posture now with this ebook, free when you subscribe to our blog.
The novel coronavirus pandemic has taught us several lessons already and there’s likely more to learn. We’ve learned the definition of essential businesses and personnel during a time of crisis, the term “social distancing”, which employees are able to perform their duties remotely, and more. We’ve also learned that pandemics need to be included in every organization’s business continuity/disaster recovery (BCDR) plan. If you already account for them in your business plan, kudos to you! I recently wrote about how to go about this for the Hartford Business Journal and have included more detail below. When putting together a BCDR plan, I think many of us focus on the more typical potential disasters that come to mind like weather, human, and data related incidents. When gathering my thoughts for this, I even subconsciously put pandemic last when listing out types of plans to consider making. Did you have a plan in place that’s helped get your business through this crisis?
The latest issue of Corporate & Incentive Travel Magazine tells the story of how I was at a conference—a cybersecurity conference of all things!—and it provided an unsecure general access wireless network. There was no preregistration for this network and the password was distributed freely to attendees. Most attendees wound up using the hotspots on their phones. Many conferences and events of all types have inadequate cybersecurity protections in place. The Wi-Fi networks offered at these events may seem more secure than public Wi-Fi, but in most cases, they are not. In fact, they could be more dangerous to use because hackers interested in a particular type of data can target the network of a specifically relevant conference (rather than the general network of a coffee shop, for instance).
Cybersecurity risks have been on the rise in recent years, and products and services have been constantly evolving to keep up with these threats: 83 percent of organizations say that they experienced phishing attacks in 2018, up from 76 percent in 2017. Social engineering attacks use psychology to trick people into revealing sensitive information such as passwords and credit card numbers by impersonating a trusted authority. Cryptocurrencies such as Bitcoin are a new (and lucrative) attack target.
Earlier this year, a simple thought occurred to me. Hackers are the new mafia. Cybercrime is the newest part of the organized crime business model. How could looking at things this way change the cybersecurity landscape?