Data breaches are common and are becoming more dangerous every day. Cards Technology founder and CEO Sam Card shares some best practices on how to protect your business from breaches and how to respond when – not if – you have a data breach.
Sam Card: One of the first impacts of a breach is to your business reputation. You owe it to your customers to let them know about the hack; unfortunately, this can mean your customers now view your business as risky and unprofessional. To help mitigate that, you may have to subscribe your clients to an identity monitoring service for a year which could cost thousands of dollars. Add credit restoration services to the mix and cost becomes another impact.
The main impact, of course, is to your data security. With access to your sensitive information and server, hackers can use your system for illegal activities like crypto mining where they mine bitcoin all day – using your computers. Or, they may even host an illegal web site using your server.
Sam Card: Develop and implement a breach response plan so you and your team know what steps to carry out. Part of this plan includes assigning people to an incident response team which typically includes an executive team member and staff from IT, legal and public relations.
Sam Card: It’s all about how you deal with the situation. I think as long as you’re truthful and honest throughout the whole process, customers are going to be understanding. It’s important to be prepared and to let customers know what steps are being taken to protect their information. If you’re caught unprepared, you’ll look silly to customers. Many businesses are not having business continuity and disaster recovery (BCDR) conversations with their IT providers, and this is a mistake. Regardless of the size of your business, hackers are targeting you and you need to be prepared.
Sam Card: I don’t think you can ensure that – it’s not if you suffer a breach but when. When you engage with a Managed Service Provider, a certain level of security is put into place based upon how much you are willing to risk and how much you pay to prevent cyberattacks. So, you are protected from the things your system is designed to monitor. Unfortunately, there’s always some new hacking tool or cyberthreat out there that you aren’t protected from. So, it’s possible that you will go through more than one data breach. The best practice is to talk with your cyber security provider to make sure you have the right balance of security and risk for your organization.
Phishing, whaling and spear phishing are attempts by hackers to steal sensitive and personal information to gain access to your business or personal accounts. Because phishing accounts for 90% of data breaches, Sam Card, Cards Technology founder and CEO, discusses what you can do to protect yourself and your business from these hacking attempts.
Q: What are phishing attacks and how can they impact the security of your business data?
Sam Card: Phishing attacks are social engineering attempts designed to steal user data like passwords and user names. Firewalls and antivirus software typically are successful at stopping hackers from getting into your network so hackers have come up with an easier way to get this information – phishing emails. The emails are disguised to look like they are from a trustworthy source so users can be tricked into giving out sensitive information such as passwords and even credit card numbers.
Once hackers have this information, they can impersonate you, which is where the main security impact is. Acting as you, the hackers send out emails to your contacts asking for more information to access even more online accounts. You might not know for months that you’ve been hacked, as hackers often sit tight for a period of time after stealing credentials before exploiting your stolen information.
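The answer above describes phishing mail that borrows the look of a trusted sender. As an added illustration (not code from the column or from Cards Technology), the Python below checks the three header signals a mail filter or help desk can review before anyone acts on a message: a brand name in the display name paired with an untrusted sending domain, a sending domain that imitates a trusted one through character substitution, and a Reply-To that routes answers elsewhere. The trusted domains, the brand word list, the organisation name `acme.example` and both sample messages are constructed assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Assumed configuration for a hypothetical organisation (acme.example):
# domains whose mail is expected, and brand words that phishing display
# names borrow to resemble Office 365 notifications.
TRUSTED_DOMAINS = {"microsoft.com", "microsoftonline.com", "acme.example"}
BRAND_WORDS = ("microsoft", "office 365", "sharepoint", "teams", "outlook")
# Character pairs commonly used to imitate trusted domains (rn -> m, etc.).
HOMOGLYPHS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))

# Constructed sample: the display name claims to be the Office 365 team, the
# sender domain imitates microsoft.com, and replies are routed elsewhere.
SAMPLE_PHISH = """\
From: "Microsoft Office 365 Team" <alerts@rnicrosoft-login.com>
Reply-To: recover@webmail-reset.net
To: jane@acme.example
Subject: Action required: your SharePoint files will be deleted

Sign in within 24 hours to keep your files.
"""

# Constructed sample of a legitimate internal notice.
SAMPLE_LEGIT = """\
From: "IT Helpdesk" <helpdesk@acme.example>
To: jane@acme.example
Subject: Maintenance window on Saturday

Mail will be unavailable from 22:00 to 23:00.
"""


def domain_of(header_value):
    """Lower-cased domain of the first address in a header value ('' if none)."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()


def normalize(domain):
    """Undo common homoglyph substitutions. This is a heuristic: it also
    rewrites honest words ('modern' -> 'modem'), so treat the result as a
    signal for review, not a verdict."""
    d = domain.lower()
    for fake, real in HOMOGLYPHS:
        d = d.replace(fake, real)
    return d


def is_lookalike(domain):
    """True when an untrusted domain, after normalisation, carries the brand
    label (first DNS label) of a trusted domain."""
    if not domain or domain in TRUSTED_DOMAINS:
        return False
    norm = normalize(domain)
    return any(trusted.split(".")[0] in norm for trusted in TRUSTED_DOMAINS)


def analyze_headers(raw_message):
    """Return the list of header-level phishing indicators found."""
    msg = message_from_string(raw_message, policy=policy.default)
    display_name, from_addr = parseaddr(str(msg.get("From", "")))
    from_domain = from_addr.rpartition("@")[2].lower()
    reply_domain = domain_of(msg.get("Reply-To"))
    findings = []
    # A trusted brand in the display name but an untrusted sending domain.
    if any(word in display_name.lower() for word in BRAND_WORDS) \
            and from_domain not in TRUSTED_DOMAINS:
        findings.append("brand-impersonation")
    if is_lookalike(from_domain):
        findings.append("lookalike-domain")
    # Replies routed to a different domain than the visible sender.
    if reply_domain and reply_domain != from_domain:
        findings.append("reply-to-mismatch")
    return findings


if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, analyze_headers(sample) or "no indicators")
```

Header checks like these are a cheap first pass that complements, rather than replaces, SPF/DKIM/DMARC validation at the mail gateway; any message that trips one of them should be reported to IT rather than acted on.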
Q: Are Office 365 users targeted by attackers?
Sam Card: It’s not that Office 365 users are being targeted per se. Because the use of Office 365 is so widespread, hackers disguise their phishing attempts to look like they are coming from SharePoint, Teams or Outlook, for example. Since most people recognize messages and notifications coming from Office 365, they are more likely to trust and act upon them.
Q: What type of data could a hacker gain access to if they obtain your credentials?
Sam Card: When a hacker has access to your email account, for example, they can figure out a lot – where you do your banking, where your company stores its files, what your Facebook account is. With this information, hackers can easily get access to more private information like names and addresses of your customers and other data about your business that is commonly used to aid in identity theft schemes.
Q: What steps can your business take to prevent these types of attacks?
Sam Card: One of the best defenses is to have proper data governance policies in place. Part of this system is a data loss prevention and retention policy to identify where data should be stored and how long it should be retained (or not). Policies can be set up to prohibit users from saving information in the wrong location or accessing data they aren’t permitted to access. More importantly, data governance policies can trigger alerts if specified types of data are used inappropriately or shared outside of your company.
Cybersecurity awareness training is the other essential piece to protecting your business information as human error is currently the weakest link in cybersecurity. Employees must be trained to recognize phishing attempts and then be tested regularly to continually train them on how to deal with them. Even after awareness training, people typically still click on a phishing email because they can look very convincing. Business leaders should make sure employees feel safe and understand that they must report it to the IT department if they click on a phishing email. If no report is made, the hacker has a much-improved chance of not being caught and realizing high levels of success with their attack.
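The governance answer above says policies should raise an alert when specified types of data are shared outside the company. As an added example (not code from the column or from Cards Technology), the Python below is a minimal outbound-mail check of that kind: it looks for payment card numbers (validated with the Luhn checksum so that order references and phone numbers are not flagged) and US Social Security number layouts in a message body, and returns an alert only when such data is addressed to a recipient outside the company domain. The company domain `acme.example`, the governed data types and the sample message are constructed assumptions.

```python
import re

# Assumed: the hypothetical organisation's own mail domain.
COMPANY_DOMAIN = "acme.example"

# 13-16 digits, optionally separated by spaces or hyphens, on word boundaries.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,15}\d\b")
# US Social Security number layout, used here as one governed data type.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

# Constructed outbound message body. The card number is a well-known test
# number; the order reference has the same shape but fails the Luhn check,
# and the phone number is too short to be mistaken for a card.
SAMPLE_BODY = """\
Hi, attaching the customer record you asked for.
Card: 4111 1111 1111 1111
SSN: 123-45-6789
Order ref: 1234 5678 9012 3456
Call me on 410-555-0100 if anything is unclear.
"""


def luhn_valid(digits):
    """Luhn checksum used by payment card numbers; filters random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        n = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            n *= 2
            if n > 9:
                n -= 9
        total += n
    return total % 10 == 0


def find_sensitive(text):
    """Return the sorted list of governed data types present in the text."""
    kinds = set()
    for match in CARD_RE.finditer(text):
        if luhn_valid(re.sub(r"[ -]", "", match.group(0))):
            kinds.add("card-number")
    if SSN_RE.search(text):
        kinds.add("ssn")
    return sorted(kinds)


def external_recipients(recipients):
    """Recipients whose domain is not the company's own."""
    return [r for r in recipients
            if r.rpartition("@")[2].lower() != COMPANY_DOMAIN]


def check_outbound(sender, recipients, body):
    """Policy decision for one outbound message: alert when governed data
    is addressed to anyone outside the company, otherwise allow."""
    findings = find_sensitive(body)
    outside = external_recipients(recipients)
    action = "alert" if findings and outside else "allow"
    return {"sender": sender, "external_recipients": outside,
            "findings": findings, "action": action}


if __name__ == "__main__":
    print(check_outbound("bob@acme.example",
                         ["partner@outside.example"], SAMPLE_BODY))
    print(check_outbound("bob@acme.example",
                         ["alice@acme.example"], SAMPLE_BODY))
```

The decision is kept separate from the detection so the same `find_sensitive` scan can feed other controls, such as blocking saves to an unapproved location; in a real deployment the alert would go to the IT or security team with the sender and recipients attached, which is the trigger the answer above describes.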
As seen in The Maryland Coast Dispatch
In the past 12 months, over 50% of small businesses have been breached by a hacker. Fears are on the rise and many people worry they’ll be the next one attacked. The key to learning how to outsmart a hacker is understanding how they operate. Sam Card answers questions about how hackers operate and what you can do to avoid being hacked.
Q: How do hackers access my computer system and how will I know if I’m being hacked?
Sam Card: It used to be that hackers used brute force to gain access to small businesses’ systems. Now, however, they’re much more cunning. Some use social engineering tactics to target your LinkedIn page, monitor connections, then use phishing scams to trick people into providing their credentials. Others monitor the dark web for stolen passwords and confidential information they can use or sell.
If you’ve been hacked, the hacker’s presence might not be immediately noticeable. They may spend time lurking in your system learning your habits to better impersonate you for malicious purposes. Only when a colleague inquires why you sent an email asking him to “wire $10,000 to a Florida bank” will you recall clicking on an unusual email link several days earlier.
Q: Why is it so difficult to find out who these hackers are?
Sam Card: Unfortunately, skilled hackers are not easy to catch. They mask where they came from and cover their tracks. They intentionally use hard-to-trace payment systems, like Bitcoin, that are easy to obtain and exchange, and provide anonymity.
The best strategy for your business is to take precautions to avoid being hacked.
Q: Will my cybersecurity system protect my business from losing everything and what should I do to protect my network?
Sam Card: Cybersecurity systems are only as good as the tools in them. First, consider what level of security your business needs, and how much risk you can tolerate. What if your business is hacked? Will you pay the ransom? Can you afford to have stolen data used inappropriately? Your answers to questions like these help you determine how you should protect your business.
It’s essential that you develop a multi-layered approach. Educate your staff on cybersecurity awareness so they can identify potential scams. Implement strict password policies. Change passwords often and employ multifactor authentication to help prevent unauthorized access. A good IT provider will provide continuous monitoring of your systems to identify any suspicious activity and take immediate action.
You have to make it difficult for a hacker to attack you. By creating a multi-layered security system you can help protect yourself from becoming another statistic.
As seen in The Maryland Coast Dispatch
Ransomware is an increasingly common method of attack for hackers against individuals, small businesses and enterprises alike. While the first incidents of ransomware were discovered as early as 2005, the last three years have seen this type of threat explode in popularity and compromise millions of computers and mobile devices around the world. Sam Card discusses why SMBs are a target and what you can do about it.
Q: Why would hackers be interested in my small business when they can go after the big guys?
Sam Card: You may hear about the larger organizations in the headlines, but lately it’s the small businesses that are becoming the primary targets for cyber-attacks. The main reasons that hackers find small businesses to be an easier target than larger corporations are vulnerable security systems, minimal formal security training and weak security policies.
Vulnerable security systems can include things like out-of-date anti-malware and endpoint security, network firewalls and email security solutions. Also, there seems to be an absence of regular cybersecurity training for staff to avoid phishing email scams or improper data sharing. Finally, infrequent network monitoring and poor password practices have been reported as “low-hanging fruit” that hackers look out for.
Q: What are some immediate things I can do to protect my business?
Sam Card: Understanding the techniques that cyber hackers use to attack your systems is a great first step in getting ahead. Things like diverse delivery systems and complex coding are common entry points into your system, and the more you know about how they are getting in, the better you can protect yourself.
Developing a multi-layered security strategy is another crucial element to protecting your organization. You may think a simple anti-virus program is enough, but there are much better tools now that work together in tandem to ward off sophisticated attacks and ensure the correct back-up options are implemented.
Educating your team on the best cybersecurity practices is another imperative step in the security puzzle. Today’s employees are regularly exposed to attacks through everyday entry points like email and mobile. Training employees to recognize threats is an essential part of complete cyber security.