Cybersecurity has become even more of an issue for many companies than it was pre-pandemic. Criminals are looking for low-hanging fruit, and Ransomware-as-a-Service platforms make it easier than ever to cripple organizations. Here’s an overview of how the world has changed and what organizations must do to help protect customers with remote workforces.
It’s a sensitive time for all companies. For example:
- In its Global Risks Report 2021, The World Economic Forum listed cybersecurity failure as the fourth most clear and present danger (behind infectious diseases, livelihood crises, and extreme weather events) the world faces in the next two years.
- More virtual workers have exponentially increased the “attack surface” for would-be cybercriminals.
Cybersecurity vulnerabilities to watch out for
Busy employees using the same username/password combinations across multiple accounts can become victims of credential stuffing, a form of cyberattack whereby hackers use previously stolen username and password combinations to gain access to other accounts.
Although most major video conferencing platforms have taken measures to prevent intrusions, hackers may still be able to “obtain confidential or sensitive information from participants. The information is then sold to another party or made available to the public to damage the company’s reputation.”
In a presentation SmartSource sponsored at Staffing World 2021, representatives from Michael Best & Friedrich LLP (Joseph Dickinson), UHY LLP (Jerry Grady), and UHY Consulting Inc. (Richard Peters) discussed current cybersecurity and data privacy threats:
- Ransomware—malware software that holds an organization’s data or access “hostage” in exchange for money (usually paid in cryptocurrency)
- Business email compromise—a tactic in which the attacker, posing as someone the recipient knows and trusts, requests a transaction (wire transfer, for example) or information that defrauds the organization
- Spearfishing—an email campaign targeting a specific person or group that exploits recipients’ known interests and contains an attachment or link, which exposes the target to malicious software when opened or clicked
- Big data dumps—a massive data breach in which customers’ personal information or passwords are stolen from an organization and offered for sale on the dark web
- Security tooling gaps—a possible gap between the tools an organization needs to protect its data, intellectual property, and customers and the tools it has in place
How to reduce cybersecurity risk
Cybersecurity is a complex discipline that requires professional management resources. IT solutions companies can help clients reduce the risk of cyberattacks on devices in several ways:
- Configure each laptop individually with the most up-to-date and secure operating systems and software
- Implement Multi-Factor Authentication on devices and websites
- Implement Content Filtering to block malicious websites
- Install anti-malware and Endpoint Detection and Response software to help protect against cyberattacks
- Back up and recover devices to reduce the impact of a breach
- Wipe devices after use and before re-deployment
- Provide remote device monitoring to remediate security incidents in real-time
- Offer IT help desk support to answer contractor cybersecurity-related questions
- Help develop an incident response plan, encompassing backup and disaster recovery
Most cybersecurity experts agree that breaches aren’t a matter of “if” – they’re a matter of “when” for every organization. The best remedy is to be aware of the risks, take preventative measures, and have a response plan in place.
Talk to the technology experts at SmartSource® to learn more about protecting rented, leased, or owned devices from cyber threats.