Welcome to Cybersecurity Month
Having a month dedicated to cybersecurity is a little bit of a misnomer. It indicates that there are some months where you don’t think about cybersecurity. Granted I think about security daily, as that is my job, but I hope most of you are also aware of it and think about it more than one month out of the year. However; since we do have a month dedicated to it, I thought this would be a good time to discuss some basic statistics provided in Verizon’s 2018 Data Breach Investigations Report. As the report says, “data breaches aren’t just a problem for security professionals”.
- 73% of cyber-attacks were done by outsiders, and 50% of those are organized criminal groups.
- 76% of breaches are financially motivated. Cryptolocker, stealing data, etc – it all comes back to money.
- 4% of people will click on any given phishing campaign. According to the Verizon Breach Report, people who click once, tend to click again.
- 68% of breaches took a month or longer for the company to act. Since most breaches happen within a few minutes, time is of the essence.
All of those numbers are fairly scary, but there are things you can and should do to protect your company.
What should you be doing?
- Monitor your network for abnormal behavior by looking at your Logs. Anything out of the norm could be an indicator of a vulnerability that cyber-criminals can take advantage of.
- Train your people! Security awareness training does work and if you are not doing it, you should be!
- Patch your systems – an unpatched system is asking for someone to hack it. Make the cyber-criminals work for their money.
- Setup Two-Factor authentication on everything – this includes your domain account!
- Encrypt your hard drive. Every modern operating system allows you to do this, so do it.
- If you are a bank, financial institution or retail, pay attention to physical security. About 34% or more of your criminal activity is done physically.
Cybersecurity is hard, but ignoring it doesn’t make it go away. The only thing you can do is take a realistic view of your systems and determine the best way to protect them. A cybersecurity professional can really help in this instance. Professionals should be able to assess the vulnerabilities in your environment and make the best recommendations that are unique to your business. If you would like Thrive to assist in securing your organization, contact us today to set up a consultation.