Why Cyber-Security is More Important than Ever in 2020
On March 23, 2019, Paige Thompson, a former software engineer for Amazon, broke into Capital One’s servers and accessed personal data for over 100 million Americans. The sensitive information included everything from names and addresses, to birthdates, credit scores, and more. And though she was swiftly caught by the FBI, her actions made one thing clear: Cyber-security is no longer a luxury.
How Pervasive are Cyber-Attacks?
Large corporations like Capitol One aren’t the only ones in danger of cyber-threats. Some research has shown that nearly half of cyber-attacks are directed at small and medium-sized businesses. In the past four years alone, there have been 172 ransomware attacks on health care providers and organizations. And more and more governmental agencies are facing cyber-threats, including small locales like Keene, a small Texas town with 6,000 residents.
These are the fastest growing crimes in the United States. According to one statistic, there’s a cyber-attack every 39 seconds. That includes everything from malware to DDoS attacks, and everything in between. And the risks are growing as we connect more and more of our lives to the internet through wi-fi enabled devices like televisions, watches, and even refrigerators. This is the dark side of the Internet of Things (IoT).
In 2014, hackers used several small businesses’ televisions and refrigerator to access servers and send out malicious emails. And that took place when IoT was still rather new. We’re entering a world where more and more of the products we purchase include computer chips and internet capabilities that make them prime targets for hackers.
Who is Committing Cyber-Attacks?
Unlike the Capitol One breach, many of the cyber-attacks that businesses and other organizations face aren’t launched by individuals looking to hone their hacking skills. It’s becoming more frequent for foreign entities, including states and state-sponsored groups, to use cyber-threats to accomplish their goals.
Two years ago, FBI Director Christopher Wray called China’s efforts to disrupt American businesses and governments using cyber-attacks a “very serious threat.” And around that same time, DHS Secretary Kirstjen Nielsen warned, “Foreign adversaries are working to build the capabilities to attack financial systems, knock out critical services, take down vital networks, and lock down or alter data…Virtually everyone and everything is a target.”
What are Social Engineering Cyber Attacks?
But it’s not just China. Iran, Russia, and other nations hostile to the United States (whether openly or otherwise), have launched cyber-attacks on US-based businesses, organizations, and individuals. It’s now a well-known fact that the Russian government sought to influence the 2016 US presidential election through social engineering.
Various actors have already been doing the same this year. Reports have come in of Iran impersonating political candidates, sending out letters from ‘concerned citizens’, and getting published in well-known newspapers.
This is just one example of social engineering attacks. They can come in a variety of different flavors, including phishing messages, scripted phone calls, and others. Hackers have even gone to the lengths of attending job interviews or working at an organization in order to get the information and access they need to launch an attack.
And once they do, it can be absolutely devastating.
What’s the Cost of a Cyber-Attack?
What’s more, these attacks can carry grave costs for businesses, organizations, and governments. Trillions of dollars have been spent cleaning up the aftermath and compensating those impacted. Equifax’s 2017 data breach impacted nearly 150 million Americans and cost the company over $400 million dollars. Think of it, a single data breach cost Equifax half of their annual operating income.
And other, more far-reaching effects can take place as well. Immediately after the Capital One breach, Capitol One’s stock dropped 5%. Had the hacker avoided the FBI and used the information maliciously, it could have resulted in far worse.
Cyber-threats don’t just have the potential to set a business or organization back, they can decimate it.
What Should I Do About Potential Cyber-Attacks?
At the moment, cyber-attacks are becoming a regular, if unfortunate, part of life in the twenty-first century. Concerns about them can no longer be limited to an IT department. They’re simply too dangerous, sophisticated, and potentially costly to assume that a simple firewall will keep an organization safe from cyber-threats.
If your business or organization maintains sensitive data, there’s a high likelihood that it will get hit by a cyber-attack at some point in the future.
The only question for you is, will you be ready?
Rather than simply waiting to be hit by the next big attack, businesses and organizations can prepare. Though cyber-attacks are growing more advanced, so are the abilities of security firms to prevent them and minimize their damage.
Security firms now have the ability to analyze a business’s network, assessing its greatest vulnerabilities, testing how it might be exploited, and developing comprehensive solutions to keep it strong against whatever attacks may come. In addition, a number of firms offer training so that employees can learn how to avoid costly social engineering attacks that rely on human error and misjudgment.
Analysts recommend that large organizations should invest around 1% to 2% of their operating budget in cyber-security efforts. Small and medium-sized businesses should consider investing 4%. This is a small price to pay to prevent breaches and other cyber-attacks that can wind up costing millions of dollars in fines, lawsuits, refunds, and insurance premiums – not to mention lost sales and a broken reputation that can’t easily be fixed with money.
Cyber-security is no longer a luxury. It’s a necessity for every business and organization that wants to move forward with confidence and success.