Andrew Ziegler, president and founder of Tempest Risk Management, speaks during Thursday's DBT-SBDC cybersecurity event while Greg Gurev, founder and CEO of MySherpa, listens. | DBT PHOTO BY JACOB OWENS
NEWARK – A handful of experts shared tips to improve cybersecurity procedures Thursday at the fourth-quarter joint Delaware Business Times-Small Business Development Center event.
Most companies are working in digital spaces today, depending on cloud services, web payment processing and videoconferencing, which leaves them increasingly vulnerable to devastating hacks by malicious actors. The COVID pandemic-induced push to remote working and videoconferencing has only amplified those risks, forcing companies big and small to rethink their cybersecurity strategies.
Lending some advice Thursday at the new FinTech Center on the University of Delaware STAR Campus were Tim Carrington, information security compliance manager of business services firm CSC; Greg Gurev, founder and CEO of local IT firm MySherpa; Andrew Ziegler, founder and president of business continuity consultancy Tempest Risk Management; and William Denny, a partner at Wilmington law firm Potter Anderson & Corroon who specializes in data security and IT.
While it can be overwhelming to think about cybersecurity, especially if you’re not the most tech-savvy, Carrington advised that it is important to create awareness of proper precautions for employees.
Tim Carrington, of CSC, said there are many training programs available to business owners to protect against a data breach. | DBT PHOTO BY JACOB OWENS
“The people in our organizations are often the weakest link in security and so it's really important that we educate them,” he said, noting training is available at SANS.org, CISA.gov or even through the SBDC.
One of the most common threats to companies today is phishing, or hackers seeking access to sensitive data by impersonating trusted sources, often by mimicking internal emails or communications to get an unaware user to click a link. Gurev said he encourages professionals to use a “defensive driving” approach to email.
“It's kind of like teaching your kid how to drive defensively. Even though there may be a stop sign, assume that the other car is going to go through that stop sign; they're not going to see you and they're going to break the law. It's the same thing with emails. You have to go on the premise that every email in your inbox is suspect and treat it as such,” he said.
Gurev recommended never clicking a link in an email, but instead visiting the intended destination website with your own web browser and navigating through proper logins as needed. Companies should also turn on notification lines that flag when an email has arrived from outside their networks, to help employees recognize it as external.
“Once an email comes through your system, you are the last line of defense,” he added.
Greg Gurev, founder and CEO of MySherpa, advises against clicking any links in emails. | DBT PHOTO BY JACOB OWENS
If an employee does click on a suspicious link or if there is a suspected system breach, Ziegler said a company’s IT team should be contacted immediately so they can investigate the potential breach, quarantine areas where malicious code may be and protect other sensitive assets. Having a defined plan to respond to such a scenario is imperative so that important time isn’t wasted, he added.
“You may have to slow down, shut down or disrupt parts of your operation … Be prepared to be on life support for a period of time to keep your operation running,” Ziegler said, noting that may mean reverting to paper-and-pen records for a period of time.
Tempest recommends that clients do daily data backups that are kept for a week, weekly backups that are kept for three months, and monthly data backups that are kept for as long as possible. Gurev also added that companies should periodically review what information is being included in those backups to ensure it includes all necessary information, and only necessary information – restoring backups could take days or weeks.
“People don’t always do what they are supposed to do, and they may have a cache of documents outside of your systems,” he said.
One growing threat to all businesses is ransomware, or hacks that steal data unless a ransom is paid. Such attacks are often directed by adversarial nations like North Korea, Russia, China or Iran, and are exceedingly difficult to investigate and prosecute.
William Denny, partner at Potter Anderson & Corroon, recommended that all companies have a response plan for a network breach. | DBT PHOTO BY JACOB OWENS
Before deciding to pay such a ransom, as many companies ultimately chose to do, all the experts advised informing the FBI, as such payments could be seen as supporting terrorist organizations in some instances.
Denny, who has investigated data breaches or incidents involving major companies like Twitter and Marriott, said having a response plan can save and protect a business in such a scenario. Laws require that customers be notified of data breaches and companies have obligations to those customers even when utilizing third-party systems managers, he said.
“One of the reasons that your legal counsel should be involved in incident response is so that the counsel can direct some of the investigation so that the information that you collect is protected by attorney-client privilege,” Denny advised.