The Ostrich Method of hiding your head in the sand won't make cyber-criminals go away...
From HW this week:
Security experts: Here’s how to prevent your company from getting hacked
February 5, 2020, 5:59 pm By Julia Falcon
As the Iowa caucus delays fully showed, relying on technology can be just as much of a negative as a positive.
It was in that spirit that a panel of security experts told the crowd at the Mortgage Banker Association’s Independent Mortgage Bankers Conference in New Orleans that cybersecurity only works if the people using it are prepared and ready to face whatever challenges are throw their way.
During the session on Wednesday, a panel of tech and cybersecurity pros gave advice on how to prevent companies from getting hacked.
One piece of advice: the panel suggests that businesses test their back-up technologies to make sure they have their data properly stored on a source other than the “cloud.”
Other tips included partnering with a local FBI office and better educating employees.
Corey Harris, a cybersecurity special agent at the FBI in New Orleans, said that any business could be attacked, and all employees should be prepared and educated on the matter.
“We have to be proactive,” Harris said. “Have an incident response plan in place so when you are attacked, you know what to do.”
Alex Nunez, senior cybersecurity policy advisor at Upguard, said that companies need to keep their reputation in mind and realize that’s what’s being compromised, not just their data or systems.
Developing a greater sense of interconnectivity and taking preventative measures is the way to go, Nunez said.
“[This] matters because what we’ve seen before is a lack of consciousness,” Nunez said.
Companies need to be prepared for all types of cybersecurity attacks, John-Thomas Gaietto, executive director, cybersecurity services at RicheyMay Technology Solutions said to the panel.
Cybersecurity attacks are evolving, which means companies need updated training. Once the attack happens and data is breached, companies have 24 to 48 hours to act on it. The quicker the company acts, the better.
“What we’re involved in is building a timeline on when they look at the data,” Gaietto said. “They [attackers] want to instill a sense of urgency so you can do what they want.”
It’s important to keep in mind what happens to client information, Bankers Insurance Service President Thomas Delaney said. Once an incident happens and client information is leaked, it needs to be reported to insurance and the authorities.
“Ransomware issue is a moral dilemma for companies,” Delaney said.