If there ever was a storybook group of hackers that helped humanity by getting information from companies illegally and sharing it, they certainly did not exist in the 21st century as a dominating force. Instead, companies that work in the cloud and with data have been constantly hit with malware and cyber attacks by hackers that want money and power.
For most managers and executives, the difference is that in most cases, you do not need to worry about upsetting the public with the action that you take in order to counter hacking and malware threats as they arise. They are already on your side because they know that most hacking groups are now just gangs.
Here are some considerations that can help your company when it comes to security threat management:
Your weakest link is your most gullible employee
Several years ago, a software company manager approached his co-worker and asked him if he thought he should open an e-mail that he had received. The e-mail subject was “I love you” and the sender was the company owner’s wife. The co-worker said, ‘no don’t open it, she doesn’t love you.’ The employee opened the e-mail anyway and the entire company was infected by malware. The upshot is the company paid a lot of money to get rid of the virus and the employee, while not being fired, was not allowed to advance from that point on.
So if you are a company that wants to minimize your exposure to malware, starting by training your employees is a good idea. There are many scenarios that the average employee will walk into without being aware of how dangerous it can be for their company.
Cyber attacks are no longer just hit and run
One of the most audacious hacks of the past 20 years came when the Greek government had their telephone system routers hacked during the Summer Olympics. Every person who was in the country during that time period, including all politicians therefore had every conversation that they made compromised. That particular cyber attack lasted for a few months before people became suspicious. The police person in charge of the system ended up committing suicide when they found out how compromised their security system actually was.
Eye-opening news for companies that are used to someone trying to break in and steal, before making a clean get-away. If the preferred pattern is to break into the main system and then sit there like a parasite leeching information over time, the bad guys can be considered much more sinister because they are institutionalizing a breach in your security. This type of breach can cost a business nearly $6 million to recover from, according to Blue Coat.
One of the best responses to this type of attack existing in your environment is to work with companies that have people that focus on edge security. Knowing or having access one of these consultants gives you access to people that can systematically check for anomalies within your environment in a way that is designed to uncover active cyber attacks. Refactoring your data store so that you outsource things like financial account information storage to banks or payment processors is another way of lowering your profile so that criminals are not interested attacking your business.
Portability can increase and lower your risk profile
A move online or into the cloud with your data systems will open up a lot of flexibility for your workers when it comes to connecting with the data that they need to do the job. A positive here is that most data centers that you would work with are going to be places that do security much better than your internal systems ever did, simply because that is what they focus on as an entity. The potential downside for your firm is that with all the different types of smartphones and tablets, the likelihood of your employees getting their passwords taken increases. The latest hacker gangs in Mexico are using camera systems and radar to read over shoulders in public places like coffee houses so they can do one thing- pull password information from users that they can use online.
One good way to counter this type of attack is to have your employees use their browser level-security to store passwords. That way, when they are in public, they will never need to enter a password that is not related to their Wi-Fi login. In addition, they won’t be storing passwords that can be read.
Malware, cyber attacks, and hackers are threats that will continue to become more sophisticated as time goes on. Partnering with security firms that see a bigger picture than is traditionally reported will put your company farther ahead of people interested in taking your information.