What They Mean For You And Your Business
Getty
From Facebook to Starwood (Marriott), Under Armour to Quora, we are all very aware that our personal data has been exposed in one or more data breaches. But what is the impact of constant data breaches on your business?
First, Iāll dissect Verizonās recently released (and very thorough) 2019 Data Breach Investigations Report to share cybersecurity threat trends, and then Iāll share what you can do to protect your business.
1. Small businesses are targets. As large companies invest more money and resources in cybersecurity defenses, organized crime and nation-state actors turn their attention to small business as a prime target. Your business might be small people-wise, but 43% of breach victims were small businesses. Your small business is particularly at risk if 1.) your cash flow includes large vendor payments or wire transfers in and out, 2.) you handle or store sensitive information (customer personally identifiable information [PII], financial info, health data, intellectual property) or 3.) you contract with larger entities or high-profile individuals (where you could be targeted as a weak link into them).
2. The kill chain is shortening. Cybercriminals are becoming more efficient ā or we are making it easier ā or both. The number of steps in an attack is becoming fewer and fewer. Many attacks use malware somewhere in the series, but most attacks donāt start with malware. They start with social engineering, phishing or hacking (for example, using compromised credentials to get into an account). This means your personal cybersecurity habits still hold a lot of power on the frontlines to stop an attack. That means donāt reuse passwords, use two-factor authentication and be careful what you do and click online.
3. Money is still king. Seventy-one percent of breaches are financially motivated, meaning you donāt need to be a high-profile celebrity or a large corporation to be in the cybercriminal crosshairs. But keep in mind that not everything of value is money. Time on servers, Amazon Prime account memberships and an array of digital goods that fuel the internet economy can be monetized. If you have money, or things that can be sold for money, then thatās enough incentive for the bad actors. As a business owner, your customer data and intellectual property need to be carefully protected.
Given these cybercrime trends, letās talk about how to protect your business and your team.
1. Protect your email at all costs. Most breaches involve phishing, use of stolen credentials and/or persistent malware (which creates a connection from your device to an attacker and leaves you open to further long-term attacks). Phishing is part of almost every single attack, and access to your email is often the first goal. Once in your email, a bad actor can wreak havoc (authorize a fraudulent bank transfer, gain access to other accounts, reset your passwords, impersonate you, gain access to your devices and other services on your network and so on). Email is also the most common delivery method for malware.
Protect your email by ensuring your whole team has multifactor authentication enabled on all email accounts. Only allow employees to access their work email from secure work devices (not their personal device or a device shared with a family member). Your password for your email should be completely unique and never reused on another site. Attackers often take passwords from other breaches and try them on banks and emails, and if youāve used the same password on multiple sites, then youāre putting your accounts at higher risk.
2. Monitor for suspicious traffic. Command-and-control (C2) and backdoor malware provide cybercriminals persistent access to devices and networks and the ability to exfiltrate data or initiate other later attacks. These are two of the most prominent types of malware in cybersecurity incidents and confirmed breaches. Financially motivated cybercrime was found to rely on this type of malware 47% of the time, whereas nation-state espionage was linked to this malware 87% of the time.
This highlights the importance of diligently analyzing the traffic flowing in and out of both your network and your devices. There are intrusion detection and prevention solutions (IDS/IPS) that can be installed on the company network or on employee devices and monitored by your internal or outsourced team. Threat-hunting in the ācalls over the wireā is one of the best positions to detect hidden malware reaching out for instructions or pulling down the next phase of the attack.
3. Think twice when you are on your smartphone. Research shows that people are way more susceptible to phishing and social engineering (deceptive tactics and manipulation) when using mobile devices. Beware of emails and social media content that entice you to click or take action or disguise malicious content by mimicking legitimate sites. IDS/IPS solutions (mentioned above) can help detect and block malicious sites and software, but educating your team can also go a long way. If employees understand the part they play in security and how their actions can impact the business, they are more likely to think before they click.
">
From Facebook to Starwood (Marriott), Under Armour to Quora, we are all very aware that our personal data has been exposed in one or more data breaches. But what is the impact of constant data breaches on your business?
First, Iāll dissect Verizonās recently released (and very thorough) 2019 Data Breach Investigations Report to share cybersecurity threat trends, and then Iāll share what you can do to protect your business.
1. Small businesses are targets. As large companies invest more money and resources in cybersecurity defenses, organized crime and nation-state actors turn their attention to small business as a prime target. Your business might be small people-wise, but 43% of breach victims were small businesses. Your small business is particularly at risk if 1.) your cash flow includes large vendor payments or wire transfers in and out, 2.) you handle or store sensitive information (customer personally identifiable information [PII], financial info, health data, intellectual property) or 3.) you contract with larger entities or high-profile individuals (where you could be targeted as a weak link into them).
2. The kill chain is shortening. Cybercriminals are becoming more efficient ā or we are making it easier ā or both. The number of steps in an attack is becoming fewer and fewer. Many attacks use malware somewhere in the series, but most attacks donāt start with malware. They start with social engineering, phishing or hacking (for example, using compromised credentials to get into an account). This means your personal cybersecurity habits still hold a lot of power on the frontlines to stop an attack. That means donāt reuse passwords, use two-factor authentication and be careful what you do and click online.
3. Money is still king. Seventy-one percent of breaches are financially motivated, meaning you donāt need to be a high-profile celebrity or a large corporation to be in the cybercriminal crosshairs. But keep in mind that not everything of value is money. Time on servers, Amazon Prime account memberships and an array of digital goods that fuel the internet economy can be monetized. If you have money, or things that can be sold for money, then thatās enough incentive for the bad actors. As a business owner, your customer data and intellectual property need to be carefully protected.
Given these cybercrime trends, letās talk about how to protect your business and your team.
1. Protect your email at all costs. Most breaches involve phishing, use of stolen credentials and/or persistent malware (which creates a connection from your device to an attacker and leaves you open to further long-term attacks). Phishing is part of almost every single attack, and access to your email is often the first goal. Once in your email, a bad actor can wreak havoc (authorize a fraudulent bank transfer, gain access to other accounts, reset your passwords, impersonate you, gain access to your devices and other services on your network and so on). Email is also the most common delivery method for malware.
Protect your email by ensuring your whole team has multifactor authentication enabled on all email accounts. Only allow employees to access their work email from secure work devices (not their personal device or a device shared with a family member). Your password for your email should be completely unique and never reused on another site. Attackers often take passwords from other breaches and try them on banks and emails, and if youāve used the same password on multiple sites, then youāre putting your accounts at higher risk.
2. Monitor for suspicious traffic. Command-and-control (C2) and backdoor malware provide cybercriminals persistent access to devices and networks and the ability to exfiltrate data or initiate other later attacks. These are two of the most prominent types of malware in cybersecurity incidents and confirmed breaches. Financially motivated cybercrime was found to rely on this type of malware 47% of the time, whereas nation-state espionage was linked to this malware 87% of the time.
This highlights the importance of diligently analyzing the traffic flowing in and out of both your network and your devices. There are intrusion detection and prevention solutionsĀ (IDS/IPS) that can be installed on the company network or on employee devices and monitored by your internal or outsourced team. Threat-hunting in the ācalls over the wireā is one of the best positions to detect hidden malware reaching out for instructions or pulling down the next phase of the attack.
3. Think twice when you are on your smartphone. Research shows that people are way more susceptible to phishing and social engineering (deceptive tactics and manipulation) when using mobile devices. Beware of emails and social media content that entice you to click or take action or disguise malicious content by mimicking legitimate sites. IDS/IPS solutions (mentioned above) can help detect and block malicious sites and software, but educating your team can also go a long way. If employees understand the part they play in security and how their actions can impact the business, they are more likely to think before they click.
Gloss