CYBER SECURITY

CYBER SECURITY: technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.

For today’s companies, falling victim to one of these attacks is no longer a question of “if” but “when.” 

Cyber crime is growing at a rapid rate and businesses are increasingly targeted. According to the National Small Business Association, 44% of small businesses have been the victim of a cyber attack and the number of breaches reporter per year continues to climb. A recent Juniper Research study estimates that cyber crime will cost businesses $2.1 trillion globally by 2019, increasing by almost 4X  the cost of breaches in 2015. 

​

Is your business protected?   5 Types of Social Engineering Scams to Know:

​

1. Phishing: is the leading tactic leveraged by today’s ransomware hackers, typically delivered in the form of an email, chat, web ad or website designed to impersonate a real system and organization. Often crafted to deliver a sense of urgency and importance, the message within these emails often appears to be from the government or a major corporation and can include logos and branding. 

2. Baiting: similar to phishing, baiting involves offering something enticing to an end user in exchange for private data. The “bait” comes in many forms, both digital, such as a music or movie download, and physical, such as a branded flash drive labeled “Executive Salary Summary Q3 2016” that is left out on a desk for an end user to find. Once the bait is taken, malicious software is delivered directly into the victim’s computer.

3. Quid Pro Quo: similar to baiting, quid pro quo involves a request for the exchange of private data but for a service. For example, an employee might receive a phone call from the hacker posed as a technology expert offering free IT assistance in exchange for login credentials. 

4. Pretexting: is when a hacker creates a false sense of trust between themselves and the end user by impersonating a co-worker or a figure of authority within the company in order to gain access to private data. For example, a hacker may send an email or a chat message posing as the head of IT Support who needs private data in order to comply with a corporate audit (that isn’t real). 

5. Tailgating: is when an unauthorized person physically follows an employee into a restricted corporate area or system. The most common example of this is when a hacker calls out to an employee to hold a door open for them as they’ve forgotten their RFID card. Another example of tailgating is when a hacker asks an employee to “borrow” a private laptop for a few minutes, during which the criminal is able to quickly steal data or install malicious software.

​

Deploying products that can protect you from Cybersecurity attacks 

• System Wide protection with product like Umbrella / openDNS from Cisco

• Robust Antivirus like Webroot

• Continuous malware protection

• Proper management of your Intrusion Detection and Intrusion Prevention Systems (IDS/IPS) by deploying hardware/software such as SONICWALL to achieve another layer of powerful security.

• Proper Backups and Disaster Recovery in proper sizing of a device and proper planning

​

Conclusion

Developing a robust, multi-layered cybersecurity strategy can save a business. Ongoing employee education and security technology will boost your front line of defense and dramatically decrease the likelihood of any breaches. Lastly, a solid, reliable backup and recovery solution is the second and most essential layer of defense, allowing businesses to quickly recover unscathed should things turn ugly!