November 1, 2017

Phishing and Spearing, and Malware, Oh My! Is Your Business Ready for an Attack?

We live in an age of unprecedented ease and connectedness. With just one click, we can teach, learn, create, meet, build, buy, sell, socialize, and more  all from the comfort of our favorite couch. It’s undoubtedly a great time to be alive. Unfortunately, great reward tends to come hand-in-hand with great risk. In the world of cyber, that risk is posed by hackers whose cunning abilities are traveling beyond current security measures at an astonishing rate.


According to a study done by Munich Re, nine in ten companies have experienced an instance of cyber-hackingAlthough common sense would indicate executives should observe this statistic, take the initiative and begin to establish strong cyber fortifications, this isn't the case. Astonishingly, Only 48% of organizations which experienced breaches in 2016 have made updates to their security, and only 38% of global organizations feel currently prepared to combat a sophisticated attack (“2015 Global Cybersecurity Status Report”, ISACA International).


From an individual standpoint, an encounter with a cyber hacker could prove to be damaging; for a corporation guarding hordes of sensitive, personal consumer data, that same run-in could be catastrophic. Big or small, cybersecurity is an issue belonging to every business, and ensuring readiness now will save time, money and headache later on. Luckily, Fortalice is here to help. We've assembled a list of six questions to help your business assess its’ cybersecurity preparedness: 


1.  Is our team educated? 

Humans have now surpassed machines as the top target for cyber thieves. On average, a hack occurs every 39 seconds and wide-spread cyber ignorance makes it that much easier for attackers to succeed. Creating frequent, relevant, and engaging training programs will reduce the number of cyber vulnerabilities caused by employee negligence, error, and susceptibility to social engineering.


2.  Is leadership setting an example?  

It is vital for employees to grasp the implications of a data breach, recognize potential risks and take the initiative to avoid human error. For staff to take cybersecurity seriously, management must first set a definite example.


3.  What are our top critical assets?

Not all data is created equal. Organizations should prioritize their top two or three critical assets and vigorously defend those against adversaries.


4.  Who is in charge of office cybersecurity oversight?

Determine who has jurisdiction over cybersecurity for your organization. Make sure the chains of command are clear so, in the event of a breach, your team is organized and able to focus on fixing the problem.


5.  How will we handle a breach?

External response is crucial when reacting to a cyber attack or data breach. Determine whether you will work with the proper authorities and how you will communicate to your customers.


6.  What is our cyber footprint?

Organizations should do a full-scale review of their cyber footprint  include employee habits and behaviors, customer assistance methods (do you only use social media to contact customers?), and the technologies used to conduct day-to-day business.