Cybercrimes can cost companies money, customers, and employees. Here’s what types of cybersecurity protocols e – Business Insider India

Chess Videos

More people are working remotely these days, as businesses strive to keep their employees safe and help stop the spread of COVID-19. But with so many employees working outside the office, organizations may be opening the door to a different kind of threat: a cyberattack.

The FBI's Internet Crime Complaint Center (IC3) has seen an uptick in cybercrime reports during the coronavirus crisis, with 3,000 to 4,000 a day compared to 1,000 a day before the pandemic. As of May 28, IC3 had received 320,000 complaints for the year, almost as many as the 400,000 or so for all of 2019.

Too many organizations mistakenly believe they're not a target, and that puts them at risk, said Richard White, an adjunct professor of cybersecurity information assurance at the University of Maryland Global Campus, "There's no reason why any responsible business owner, regardless of size, should say, 'Cybersecurity doesn't matter to me,'" White said.

Advertisement

Businesses could lose customers, too, said Sara Jodka, an employment and cybersecurity attorney at law firm Dickinson Wright, "[Cyberattacks can] become a customer-experience and brand-reputation issue that no amount of money can usually account for, especially if it's made public," Jodka said.

Factoring in all of these costs, White said the price of cybersecurity is "worth its weight in gold." The cost of cybersecurity technology varies widely, but he said investing $10,000 to $15,000, though it may seem like a lot to some businesses, will protect your most valuable assets.

The first step in creating a cybersafe remote-work setup is to provide employees with a laptop with the correct security configuration for access control, encryption, and a perimeter firewall, White said.

Encrypting all data ensures confidentiality and privacy, and a firewall protects the network, he said, "So you can allow access remotely and control it and monitor it."

A VPN (virtual private network) is also needed to secure data and ensure that it's transmitted through an encrypted path. Without a VPN, White said, "data would move through clear text across the hostile internet, and there'd be no way to control the path that the data would take."

Backup and recovery technologies are vital, too. Matthews suggested relying on a "three, two, one rule" to protect and recover lost data. "You need three copies of every bit of data in at least two locations, one of which is completely air-gapped," he said.

Employees also need to know who to call and what to do if they're faced with a potential cyberattack, and if there's disciplinary action for negligence. Organizations should hold regular training on cybersecurity, including testing employees' abilities to recognize phishing attempts, White said. Training should also cover industry-specific data protection regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) in the healthcare sector. Regular reminders about cybersecurity will keep it fresh on everyone's mind, too.

The Yahoo case "changed the game," Jodka said, showing that cybercrime could be seen as a breach of the duty of care and duty of loyalty that officers and boards of directors have to their organizations.

As the transition to remote work continues, cyberthreats will likely intensify, and investing in cybersecurity to tighten security remains a critical issue for businesses of all sizes.

Original post:

Cybercrimes can cost companies money, customers, and employees. Here's what types of cybersecurity protocols e - Business Insider India

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *


Refresh