There is no doubt that “cybercrime’ is the catchphrase of the year. Well, behind COVID, Coronavirus, BLM, Defund the Police and other hot items du jour, cybercrime is a topic that has been and will continue to dominate the news. Whether you believe it or not, the danger of cybercrime will outlast current viral rages. And we need to know and understand the threats and ramifications.
Tomorrow we will be holding a Hot Seat Webinar entitled “Cybersecurity Threats: What You Can’t See Can Hurt You.“ Judge David Langham and I, along with a collection of knowledgeable guests, will discuss the threats and protections that people must know in order to keep their businesses and personal lives safe. Our guests will be Bobby Allen, Director of Information Technology for the Georgia State Board of Workers’ Compensation, Nancy Grover, Media Director of WorkersCompensation.com and Jesse Shade, Vice President of Information Technology at Tower MSA Partners.
This is important for one very specific reason. You see, no technology-based system is bullet proof. In theory they could be made so, but it will never come to pass. In the end, technological systems are designed and managed by humans, and that single fact alone will continue to represent the biggest risk in the realm if cybercrime.
Think about it for a moment when you remember some of the most visible stories related to technology-based crime. Ransomware, a method that has crippled municipalities and major corporations alike, is effective because people will open emails and click on links they do not recognize. People find their computers are infected or their identities stolen after they responded to an email they thought was from their bank or online payment service.
One of the most spectacular data breaches to occur, at least in a scintillating if not financial sense, was the result in part of sheer hubris on the part of the company itself. The hack of the website AshleyMadison.com sent shockwaves through some quarters. AshleyMadison.com is a website where married individuals who want to have an illicit affair can register to meet others with similar intent. The CEO of the company, in a widely printed interview, boldly stated that their systems were “bulletproof,” and immune to any potential compromises. He practically dared hackers to take him up on the challenge; and they gleefully did. It wasn’t long before the personal data of more than 50,000 of their customers was released online.
Not surprisingly, the list consisted of 49,994 men, and about 6 actual women. Regardless, the release of all those names had to make for some fascinating dinner conversation at the next family Thanksgiving.
With the ubiquitous nature of connectivity today, you don’t even have to make a personal mistake to have your data compromised. Someone on your network, or whose computer has access to your network can make that mistake for you. Whether it is a network design error or a simple misguided response to a phishing email, an issue seemingly far removed from your business realm can very quickly become your problem. The most notable example of this would probably be the famous hack of Target Department Stores a few years back. That event resulted in the compromise of millions of customers credit card data, and cost the company hundreds of millions of dollars. And it all started in a service garage in Minneapolis, whose computer system had access to Target’s vendor payment system. It was through that obscure avenue that hackers found their way to thousands of Target payment terminals and infected them with malware.
Say what you will about hackers. They aren’t lazy, and they certainly aren’t dumb.
So, how do we minimize the risks? What data should be encrypted, and what does “encrypted at rest” mean? How can we recognize phony emails with malicious intent? And what happens if your system gets locked by ransomware? What should we do when our data has been compromised? How can you work to meet the newer stringent access standards of some of your customers, and what laws are changing regarding federal contracting as it relates to the topic?
These are the issues that we will be discussing tomorrow. There is a lot this, and I suspect the program will be quite full. I hope you will join us at 12:00PM eastern time. As always, the Hot Seat is free, and you may register here.