Experts detail the importance for businesses to stay on top of cybersecurity, especially as more employees work from home.
Staying safe and secure online should be a priority to any user that does business on the Internet in order to prevent cybercrimes. Methods of deceit have become more sophisticated over the years, making it harder to decipher legitimate emails from potential online attacks, such as stealing identities, gathering information to illegally access computer networks, bank accounts and so on.
“Cybersecurity is neither a government problem nor a private sector problem; rather, it is a societal problem,” says Special Agent Jason K. White of the FBI. “We, as a society, are putting more and more information onto computer networks and increasing the surface space for attacks.”
Anyone can fall victim to cyber threats, whether that be a data breach or phishing email, and there should be no shame if it should happen to you or your company. White wants to encourage businesses to include the FBI in any incident response plans.
“The private sector and the U.S. Government must work together and it is only through this coordinated partnership that we will be able to meet the threat,” says White. “We cannot impose consequences on our cyber adversaries if companies do not step forward and provide us with evidence of intrusion.”
Now that more employees are working from home, it’s become imperative that more attention should be given to a company’s cybersecurity policy and training programs.
“Historically, people were able to protect what they had in their office with a firewall, and if they had the files on a server someplace, they knew that they could watch the perimeter and could stop things from coming in or out,” says Doug Shimokawa, Senior Vice President of Pacxa, which offers consulting services and outsourced IT.
“Now, the folks that are still operating in that model have been forced to poke holes, if you will, in their own security to allow their people access to the data and organizational assets from home,” says Shimokawa. “When those holes are open, sometimes the bad guys can get in through those vulnerabilities.”
Awareness, implementing protective procedures, and extensive monitoring are key to combating this problem. Training the staff is also important.
“We train our clients and employees on identifying what’s a scam and what to do if you suspect something,” says Loren Aquino, Partner and CXO of Hi Tech Hui, which specializes in cybersecurity consulting. “We also do testing by sending fake phishing messages that we know, and we report back to their management. More than half of all breaches are because of the end user clicking on something or even answering a call.”
Hi Tech Hui has a staff of security analysts who watch all of the clients’ network logs and identify things that might be threats. Aquino says he’s seen an uptick in hacking, due to hobbyist hackers now out of work due to the pandemic.
An uptick in hacking, and more remote working with its added vulnerabilities have heightened the need for more workers in the cybersecurity field. This fall, the University of Hawai‘i West O‘ahu added a Bachelor of Science degree program in cybersecurity which offers a concentration in cyber operations.
“Information technology is driving every aspect of our lives and software is a part of our lives from banking to health industry to critical infrastructure, and so keeping all of that secure is essential to maintaining operations, having a fairly reliable and resilient lifestyle,” says Michael Miranda, Assistant Professor of Information Security at UH West O‘ahu.
“Being aware of it is important to not only keep your own personal information and personal services that you use safe, but to also help the population at large because it’s also interconnected,” says Miranda. “In 2021, you’re going to see a lot of innovation because remote work is going to stay. You’ll see a lot of innovation on supporting remote workers and the security of remote workers and the security of remote workers.”
Cyber-Hygiene Practices to Follow:
- Avoid using public Wi-Fi for sensitive activities
- Train employees on cybersecurity
- Set strong passwords
- Be wary of clicking links, especially if unsolicited
- Verify email addresses in emails you receive by clicking on display names, and make phone contact if unsure of an email’s legitimacy.
- Include the FBI in company response plans and report incidents to the local FBI field office at 808-566-4300
- Consider a consulting firm to ensure business security
- Use anti-virus software
- Back up important data
- Use privacy settings on social media sites