A war is happening silently in the background on our computers, cell phones and bright devices. Bytes of information are moved from device to device and deal devastating damage to government infrastructure, business informational security and individual access to information.
The Cybersecurity & Infrastructure Security Agency (CISA) has urged American businesses and individuals to focus on cyber resilience. The CISA and every MSSP encourage American companies to create a plan to respond to disruptive cyber threats.
Here are just a few things companies should be aware of when it comes to cybersecurity:
Bytes can injure a company and then destroy those who are dependent on them.
Infrastructure has been hit in the past and caused problems for the American people. In 2021, a Russia-linked cybercrime group known as DarkSide attacked the Colonial Pipeline with ransomware and shut down gas production for three days. Americans waited in long lines for the gas that Colonial pumped into gas stations and businesses. Colonial paid a $4.4 million ransom to turn the gas back on and avoid leaking 100 GB of stolen data. All of this happened because of one compromised password that had access to the VPN.
Cybercriminals can make companies think something is true that isn’t.
Fake video content is rapidly becoming a source of misinformation on the internet. In the past, hackers have used artificial intelligence-based software to mimic the voices of CEOs telling their employees to authorize fraudulent fund transfers. International news stations have been hacked and broadcasted links to deep fake videos of leadership. News spreads quickly, and this use of video content to spread misinformation is dangerous. Hackers will learn from past failures and get better.
Everything connected becomes a danger to a company.
The power behind the internet of things (IoT) is that it quickly and systematically connects systems and people. When not appropriately secured, that power also makes it a target for international hackers. IoT devices can be targeted within the first five minutes of being powered up, and once into an unsecured device, hackers can access the network it is connected to. In minutes, a cybercriminal can put a company at risk.
Cyberattacks have long-lasting consequences.
I’ve found that it is not uncommon for companies to spend up to 25% percent of their IT budgets on cybersecurity due to growing cyber threats here and abroad. The average cost of a cyberattack to a company is around $4.24 million, according to Ponemon Institute’s Cost of a Data Breach Report 2022; this includes downtime, people costs, device costs, network costs and higher insurance premiums. It is also a strategic attack to cripple businesses of all sizes.
There is an impact not just on business but also on the people of this world.
Human trafficking, child pornography and other illicit activities have moved away from dark alleys to at-home computer screens. This is creating a large wave of cybercriminals and users, and many innocent victims are being abused by the system. When we protect our information both at businesses and at home, we are ensuring that we do not give access to people who would exploit the most vulnerable of us.
Organizations must work together to actively combat cyberattacks and prosecute the criminals behind the attacks. Companies can protect themselves by aligning to a cybersecurity framework like CIS (Center for Internet Security) or NIST CSF (National Institute of Standards and Technology Cybersecurity Framework). Good cyber hygiene includes implementing multifactor authentication, making sure backups are air-gapped, moving from an outdated anti-virus to endpoint detection and response, training employees on email phishing and ensuring that all critical data is encrypted. When it comes to shielding a company against international attacks, there should be an email filtering solution in place and the company should be actively blocking any information coming from known cyber threat locations.
We are getting more sophisticated in identifying security threats, and individuals are becoming more cautious online, but we all need to be aware that the threat is growing and will only get more advanced and costly in the future.
Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?