We hate to be the bearer of bad news, but 2019 and beyond will surely bring more waves of ransomware, phishing, new laws and regulations, and attacks utilizing information technology as a threat vector. Tax season is upon us and is a particularly high threat time of year with internet phishing scams that lead to tax-related fraud and identity theft.
You must arm yourself against these threats and prepare to:
- Stay calm if you’re impacted by any security incidents or technology issues. The feeling of panic, loss, or embarrassment over being victimized can often motivate people to bypass logic or reason, which is why ransomware attacks are so effective.
- Be vigilant and invest in training your users on detecting and avoiding phishing attempts. LMT has partnered with KnowBe4 to provide effective and engaging ongoing training that has proven results.
- Be cautious about what you share online as that limits the information attackers can use against you. Laser phishing is a more complex form of phishing, using Artificial Intelligence (AI) to impersonate people. Your social media sites and web presence reveal a lot about the business structure where you work, friends, family, and personal interests. For attackers, this information makes it that much easier to “laser target” you or your business with sophisticated phishing techniques.
- Be proactive about compliance with evolving regulations. The after-effects of the EU’s General Data Protection Regulation (GDPR) will continue to shape data security, with new laws and regulations expected to add complexity on a global scale. Inevitably, there will be an increase in massive GDPR fines that will impact North American companies who obtain data from people located in Europe. CEO’s can no longer claim ignorance for much of the burden will fall onto their shoulders.
- Recognize the value of your proprietary information and the importance of your information technology infrastructure. In our current economy, data is the new oil. There is a lot of value in data, which is why data exfiltration attacks will become a new hot topic. With immense amounts of data being collected by private and public sectors, attackers will find new and creative ways to attempt to exfiltrate or even modify your data without your knowledge and demand ransom for its eradication.
So, what can you do now?
- Start thinking about defense in-depth and continue to communicate the importance of it with your C-level executives and employees.
- Work with your LMT Account Manager to review your options and plan for enhancing security, stability, integrity, and methods for better protecting your IT environment.
- Given the increasingly sophisticated and damaging methods used by sophisticated attackers, make sure your company is budgeting appropriately for cybersecurity and information technology. No business is too small to be a target. At least 43% of cyber-attacks against businesses are targeted at small companies and this number will only keep increasing.
- As a CEO, understand the legal ramifications that can occur as a result of a cyberattack. The Stop Hacks and Improve Electronic Data Security Act (SHIELD) was introduced in the NYS Assembly back in November of 2017. Under this act, companies would have a legal responsibility to adopt “reasonable” administrative, technical, and physical safeguards to protect sensitive data. While it hasn’t yet passed, it does highlight the growing compliance requirements which are no longer limited to PCI and HIPAA but for “any company that handles a New York resident’s private information." This, in addition to GDRP regulations, can be costly for CEOs and the reputation of a company.
- Educate yourself and your last line of defense. Work with your dedicated LMT Account Manager and Account Executive to review Social Engineering training and security tools.
Learn more about our technology and security services at LMT Technology Solutions, or contact us now.
Stay safe and cautious,
LMT Technology Solutions