“During the next five years, cyber-crime might become the greatest threat to every person, place and thing in the world,” according to CSO, an online organization who provides news, analysis and research on security and risk management.
As you know from our previous cybersecurity blog posts, Netgain often researches and reports on ways to mitigate your vulnerability, train your users, and protect your data at every level of your network.
We could go on for hours, or days even, about how to protect yourself and your organization from the very real threat of a breach, but the vast majority of attacks today come through only two methods.
=====
Editor’s Note: Are you looking to improve the security posture of your organization? Download our FREE Cybersecurity Toolkit, which includes handy desk reference guides, posters and checklists that you can share with your teams.
=====
Malicious email
According to PhishMe research, 91% of the time, phishing emails are behind successful cyberattacks.
Emails can contain links to malicious websites, malicious attachments or simply a request for a wire transfer. This can also be executed via a malicious banner advertisement.
This threat can be largely mitigated by encouraging users to slow down and consider if the link, attachment or request could damage the organization if it is malicious. If you think it could cause harm, ask for a second opinion or call the person to ensure the request is legitimate.
Regarding advertisements, we recommend installing an adblocker on your devices and only browsing the internet from trusted servers (like inside a Netgain-hosted environment), where additional technical protections, like internet whitelisting, are in place.
Compromised Credentials
Verizo’s 2017 Data Breach Investigation Report finds a whopping 81% of hacking-related breaches leverage stolen, default or weak passwords.
In 2017, we saw the effects of weak passwords when a Netgain client lost over $200,000 through a wire transfer attack that used compromised credentials.
Here are a few simple steps that help mitigate this risk:
- Check to see if any of your email addresses have been contained in any of the large breaches at https://haveibeenpwned.com/. If your email address shows up, make sure your password has been changed. Additionally, change the password at any other sites that used the same password.
- Do not make passwords to multiple websites or services the same as each other.
- Use a password manager, like LastPass. There will never be a better time to start using one.
- Use unique and complex passwords on ALL of your accounts.
Cyberthreats and cybersecurity preparedness continue to be some of the top concerns of corporate executives that are responsible for protecting sensitive client or patient data.
As cybercrime damage costs are expected to hit $6 trillion annually by 2021, spending on cybersecurity countermeasures is expected to exceed $1 trillion between 2017 and 2021.
What actions will you take to protect yourself, your employees and your organization?