WINCHESTER — James Allen says cyberattacks can have multiple impacts on a business.
Not only do security breaches cost companies money, they take a toll because people fear their information has been compromised.
Allen, a cybersecurity expert who has has held key leadership positions in the military, Department of Defense and the federal government, was guest speaker at the annual Museum of the Shenandoah Valley’s Business Forum Luncheon on Thursday. He gave local business leaders some advice on how to prevent these cyberattacks.
“Cybersecurity is a balancing act,” said Allen, who is recognized across federal cyberspace and has held key leadership positions across the military, Department of Defense and the federal government. “You have business and you have funding, and how much of that can I get from you to pay for my cybersecurity program? But also, how well can I actually use that information and build out that program while still making sure we’re meeting customer needs?”
Allen told the 200 or so business leaders gathered both in person and virtually that those things matter because a business can’t make money if cybersecurity issues are keeping the business from doing its job.
Allen said the basic patterns for cyber breaches and incidents include social engineering, basic web application attacks and system intrusions.
Money typically is needed to pay for breaches, Allen said.
“There’s a cost figure into these things, and this drives us into what we can do,” Allen said.
This includes installing things such as pop-up blockers and ransomware, integrating anti-virus software and making sure your system uses automatic updates and ensuring those updates are being made. Using privacy browsing also helps, he said, as well as backing up data and storing it off-site.
“If you’re not controlling what’s happening on your work stations and on your servers, they get in that way,” Allen said. “And try not to use RDP (remote desktop protocol). Although it’s a great little tool, it’s a way into a system.”
In terms of virus prevention, Allen said educating employees on what is OK to click on, having strong antivirus software and patching your operating system can help prevent attacks. Part of that, too, is managing who has access to which parts of your online system.
Allen said you can’t prevent all risks, but business owners should be working to mitigate those risks as best they can.
Having the right systems in place and people to run those systems responsibly will go a long way in mitigating those risks, Allen said.
Thursday’s luncheon also included a lunch and networking session for those who attended in person.
Gloss