Viya helping businesses fight the growing global threat
October is Cybersecurity Awareness Month, and this year’s overarching theme is “Do Your Part, #BeCyberSmart”. As a business owner, head of a government agency, IT professional or entrepreneur, this month is your opportunity to consider the cyber risks your organization faces, as well as the devastating impact that a breach can have. Although cybersecurity may not be top-of-mind, we are reminded every October that it should be. When you consider that every aspect of your business (or government agency) relies on digital workflows, you realize that a cyber breach has the potential to bring revenue generation and/or operations to a screeching halt.
The cyber-attacks that frequently become the front page stories with the biggest headlines are typically about corporate giants, huge government agencies, and large financial institutions. These stories can create the misconception that it’s only big companies that fall victim. It is common that leaders of small to mid-size businesses or local government agencies believe they are too small, or don’t have anything valuable enough to be the target of an attack. This could not be further from the truth.
Ask yourself this simple question: Do you gather any information from your clients i.e., social security numbers, credit cards, bank information, date of birth, address, or any identifying data? Do you represent a market, ideology, or agency that could become the target of protests? If you answered yes to one of those questions, you are at risk and you don’t have to be directly targeted either. Many businesses are compromised by attacks that are automated. There are botnets that dynamically scan the internet for vulnerable hosts or devices. When they find vulnerable devices, they are capable of automatically compromising them without human involvement. A compromised device now provides a hacker with a foothold within your organization. Once they have access, they will search for data they can either sell or encrypt for ransom. In some cases, bad actors my simply disrupt your systems, wreaking havoc on your ability to do business and satisfy customers. Other examples we have seen in this region are attacks on phone systems where bad actors steal long distance phone services, leaving the attacked organization to pay the bill, or gaining access to bank accounts where money is stolen.
“Threats become more insidious, and the perpetrators become more sophisticated and stealthier.”
Another common misconception among organizational leadership is that having a firewall and antivirus makes you safe. The reality is that those technologies are considered best practice technologies to have, yet these technologies alone do not protect you. Remote workforces, and cloud applications have dramatically changed where data resides, and how your customers and employees access it. This also changes the cybersecurity risks your organization faces, and the technologies needed to keep it safe.
Every year, threats become more insidious, and the perpetrators become more sophisticated and stealthier. Risk reduction is a team sport, and everyone in your organization must understand that cyber threats are prevalent, and don’t only come from outside of the facility. Reducing risk is not just about implementing technology. Organizations can spend a lot of money on technology, but people can be the weakest link. Many times, employees unknowingly introduce a threat to your network by clicking on a phishing attack, falling for social engineering, or even by plugging a corrupt drive into one of the company’s computers. Employee awareness and training is critically important as part of an overall risk program.
Now that Cybersecurity Month has achieved its goal – driving awareness and thought, the question is what to do next. To decide what is best, every organization needs to consider their own individual cost vs. risk equation. It is very important to understand the potential impact of a breach (both financial and reputational), decide on a proportional budget to mitigate that risk, and then consider right sized technology, process, and training programs that fit you.
For many, outsourcing cybersecurity is the best and most efficient way to reduce risk. The cost to purchase and manage technology in house can be a barrier for many companies. In addition, it can be difficult to hire and retain skilled staff. Viya Business Solutions team of experts has the solutions, knowledge, skills, and training programs you need.
As the US Virgin Islands’ ideal partner powered by parent company Atlantic Tele-Network International through its subsidiary Fireminds, Viya offers unmatched experience and expertise with proficiency in the intricate Cybersecurity world.
Take a look at our most recent Business Solutions Smart Series Webinar focused on Considerations for Insourcing vs. Outsourcing Cyber Risk Management