Cyberattacks on brands and organizations have become an all-too-common occurrence in recent years—and 2019 will be no exception.
Hardly any company is immune, regardless of the business sector, size of company or brand visibility. In fact, SMBs may be more vulnerable to computer attacks compared with their larger counterparts because smaller businesses tend not to invest in cybersecurity.
Many SMBs also lull themselves into complacency when it comes to cybersecurity because they think their company couldn’t possibly possess enough online assets to attract malicious actors online. But hackers don’t discriminate.
That was the major takeaway from a recent roundtable discussion focusing on how companies inoculate themselves against the growing threat of cyberattacks. The roundtable was hosted by Allianz Global Corporate & Specialty. I took part in the discussion, along with Steve Martino, Cisco senior VP and chief information security officer, and Gregory Falco, Stanford fellow, CISAC security researcher and MIT grad.
The panelists agreed that computer hackers want to sow chaos just for the sake of doing so. What’s more, the problem is likely to get worse before it gets better.
See also: Quest for Reliable Cyber Security
With that in mind, here are a few areas that companies need to think about this year (and beyond) to mitigate cyber threats. Brace yourselves.
1. Disruption from ex-employees rises. You know the drill. An employee is let go, and, before he can catch his breath, the head of HR tells him to turn in his ID badge, gather his belongings and vacate the building. However, does the employee have a duplicate ID badge at home? Did he download any corporate data to his smartphone? Ex-employees looking to wreak havoc on their former employer happens more often than you might think. Indeed, according to a recent poll of 472 cybersecurity professionals by CA Technologies, 90% of organizations feel vulnerable to insider attacks. The cyber threat posed by former employees is liable to get even more challenging in 2019, what with jobs created and old ones phased out due to the digital lurch. To bolster their company’s cybersecurity efforts, CIOs and IT departments must sharpen company protocols regarding how to make sure dismissed employees do not possess anything digitally that may cause the company harm. Another way to sharpen oversight is to clamp down on company intranets and reevaluate the kind of information or data that employees are able to access.
2. Ransomware threats grow more acute. Online crime travels fast, and hackers always seem to stay a step or two ahead of the efforts among companies and organizations to thwart them. But the ability to combat cyberattacks won’t get any easier in 2019, as ransomware becomes more difficult to contain. Ransomware is a type of malware that restricts access to the infected computer system in some way and demands that the user pay a ransom to malware operators to remove the restriction. Ransomware demands are typically made in Bitcoin, according to ZDNet, the cryptographic digital currency based on blockchain. As Bitcoin has spiked in recent years, so, too, has ransomware. A survey by Osterman Research found that ransomware attacks were the most common in 2017, leading to massive losses to businesses from the inflicted downtime, per Alverez Technology Group. Many businesses had to shut their systems for extended periods—up to 100 hours or longer, the survey said. To get their hands around the problem, companies should think about expanding their digital teams to include computer engineers who specialize in combating ransomware.
3. Digitization of manufacturing poses new problems. Large manufacturing plants that were formerly analog are fast being converted into digital systems—and posing new cybersecurity threats in the process. Many of these new systems are designed to assemble, vet and distribute products more efficiently, and not necessarily to detect cyber threats. A growing number of connected devices throughout manufacturing plants gives bad actors additional “pipes” to breach. For example, closed-circuit TVs and internal computer networks—both of which are fairly prevalent in manufacturing plants—are significant targets for hackers. As AI becomes a more integral aspect of manufacturing plants—with fewer and fewer people on-site—manufacturers will have to ramp up their cyber defenses even further.
Is your company bringing any of the above cybersecurity strategies to bear? Is the board of directors tackling these questions head-on or sticking its collective head in the sand? Has the company sharpened both existing cyber defenses and training for rank-and-file employees on what to do if they spot something fishy in their email inbox?
See also: Best Practices in Cyber Security
In 2019 (and beyond) these questions will be paramount for companies that want to protect their precious assets.