Cybersecurity Learnings From Top-Ranking Military Official

According to the Verizon 2019 Data Breach Investigation Report, 43% of cyberattacks target small businesses. In this report, attacks on small businesses represent the largest share of all attacks, pointing out the importance for small business owners to implement necessary precautions.

Last week I had the opportunity to hear Major General Timothy Haugh present on cybersecurity. As Commander, National Mission Force, he is responsible for coordinating the prevention and response to cyber incidents and campaigns perpetrated by threat actors in order to preserve the United States’ critical infrastructure and key resources.

Cybercriminals today are looking for weak links to penetrate. The easiest way to penetrate a network is through spear phishing, the fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information. Using this method, cybercriminals can gain access to your network to gain confidential information or launch a ransomware attack.

Steps to Protect Your Business

 By taking a very complex subject and making it simple, he reminded all of us of basic steps we can take to protect our own businesses:

• Have auto update on your software to make sure you are up-to-date with all patches available.
• Install a strong firewall and anti-virus software.
• Consider using two-factor authentication.
• Make sure to back up your data. This will put you in a stronger position should your company suffer a ransomware attack.

Even with these steps, the biggest risk a business faces is their employees inadvertently clicking on a link. To help prevent this from occurring, it is important to consider the following:

• The leader of an organization is responsible for cyber security and setting the right tone for all of their fellow employees.
• The culture of the organization is critical as to how it perceives the threat of data security.
• Continual training is critical to remind employees of the threats and consequences posed by a cybercriminal gaining access to the company’s confidential data.
• Prepare for the rainy day… back up your data.

Don't Be the Slowest One

Having seen an increase in cyber claims activity in our office with small businesses (less than 250 employees), there is no solution that offers a 100% guarantee that your business will not become a victim. However, oftentimes cybercriminals are looking for low-hanging fruit. If you have executed the steps above, there is a higher probability they will move on to an easier target. I’m reminded that when you are being chased by a bear, you only need be faster than the slowest person in your group.