Featured Stories

Filter By Categories
June 29, 2017

Surviving the Era of Cyberattacks


No matter the investments companies make in protecting intellectual capital, cyberattacks continue to occur and evolve at a frightening pace. Despite best efforts to thwart cyber criminals, the threat of an attack remains as high as ever and new techniques for stealing sensitive employee information are making it increasingly challenging for your people to separate trusted emails from would-be thieves.

 In particular, the threat of phishing is keeping many CSOs and CTOs awake at night, primarily due to the frequency of these attacks and the ease with which they can trick employees into giving up valuable data. Like the saying goes, the best offense is a good defense and your employees must exercise the vigilance necessary to prevent a cybercriminal from wreaking havoc on operations.

Fortunately, new construction technology resources are giving companies the additional oversight they need to help train employees to spot potential threats and give them the tools necessary to identify and mitigate schemes like phishing and ransomware.

Fooled by Phishing; Plundered by Ransomware

Why is phishing such a threat? Mainly because it makes falling into a cybercriminal’s trap incredibly easy.  A cybercriminal will create and send an email to an employee in a position of having access to personal information, such as the data contained in W-2 tax forms. The request usually arrives via a logical scenario – a trusted source, maybe even a superior, asking the employee to turn over personal information of others in order to satisfy an urgent request.

The only problem? That request is originating with a cybercriminal disguised as a colleague making a routine request. And when the victimized employee complies, a cybercriminal is ready and waiting to steal that treasure trove of social security numbers, birthdates, and tax withholding information.  That’s why employee awareness is so critical; without it, they’re likely to fall prey to the phisher time and again.

But even as phishing continues to cause painful consequences, a new threat has emerged that is potentially more damaging: ransomware. In a nutshell, ransomware targets information your company needs to conduct business and a cybercriminal lock down, making it inaccessible until you pay a hefty price to unlock it – in other words, a ransom. Ransomware arrives via malware installed on the target’s computer and doesn’t leave until the ransom is paid or a cybersecurity expert is able to stave off the attack.

But if your firm doesn’t have its own cybersecurity expert on staff, what can you do to protect yourself?

An Ounce of Prevention…..

With this variety of threats swimming around, it’s important to take steps as early as possible to prevent a cybercriminal from inflicting far-reaching hardships on your business. Here are a few helpful tips:

  • Install cybersecurity software and stay proactive about updates, patches and other enhancements responding to an evolving threat environment.
  • Create cyberdefense policies for your business and implement training programs required for employees. Consider limiting use of personal devices and the number of employees with access to sensitive data.
  • Implement a robust disaster recovery program that includes regular data backups and train employees to spot potential cyberattacks and mitigate the threat accordingly.
  • Work with legal counsel and insurers to ensure your company has the appropriate insurance policy in place to protect against significant data loss and other scenarios where disaster recovery is needed.

The rise of potential attacks will likely continue, and employers should take the time to educate employees about the dangers of phishing and ransomware. Making the proper investments now with provisions for disaster recovery will help reduce the possibility of falling victim to an attack later.

Subscribe to Receive Our eNewsletter