Whether it’s a Fortune 500 company or a mom-and-pop shop, both have this in common: both are vulnerable to cyberattacks.
Cybersecurity was the topic of a recent Pulse of the Region podcast hosted by the MetroHartfordAlliance. This included the threats hackers pose to businesses, how organizations can defend themselves, and how to can prepare and establish the next generation of cybersecurity professionals.
That “cutest kitty video”
Cybersecurity professionals and their tools are becoming increasingly more effective in combating cybersecurity dangers, but the biggest vulnerability for any organization “continues to be on the human level,” says Paul Bingham, associate dean of Cybersecurity Programs at Western Governors University, a client of MCG.
“It is on the individual user level where an unsuspecting user can’t resist clicking on a link that says ‘cutest kitty video ever’ and then accidentally grants access to the entire network,” Bingham says.
Size doesn’t matter
Many smaller organizations think they are too insignificant to be attacked and therefore aren’t concerned about being targeted. However, experts agree that businesses of any size have something valuable in their network. Hackers may want access to a network for money, espionage on proprietary information, or to obtain connections to carry out attacks on the organization’s contacts.
Something to keep in mind is that a small business may not be the main target for a hacker, but rather an access point to another more valuable goal, such as clients or other companies. That’s why it’s incumbent on any businesses to not just protect themselves but others, too.
What’s concerning is that over half of all businesses in Connecticut have never undertaken a risk assessment of any kind, according to Art House, who has served as the chief cybersecurity risk officer for the state of Connecticut and also served as a White House fellow on the National Security Council.
Best practices to implement
Some best practices businesses should consider is implementing two-factor authentication and next generation endpoint detection.
With two-factor authentication, when logging into a program a user needs to both provide a password and prove their identity some other way to gain access, such as entering a code that is sent to the user’s phone or email. Next generation endpoint detection uses artificial intelligence that can discover more threats than standard virus protections.
Listen to the full interview here for more about the threats businesses face and ways they can protect themselves.