The Global Risks Report 2016, your next suspense novel…

If you’re looking for a scary story, put down the latest spy novel and pick up the 11th edition of The Global Risks Report 2016, courtesy of the World Economic Forum.

The cyber attack threat takes center stage in North America, standing out as the most likely risk by far. The report reflects the perceptions of nearly 750 experts and decision-makers in the World Economic Forum’s constituencies surveyed in late 2015.

The risks perceived as the most likely to beset various regions this year include:

Social volatility
Interstate conflicts
Economic instability
The truth is that governments, businesses, organizations, and citizens in most parts of the world face pretty much the same dangers from cyber threats as their North American counterparts.

The Grant Thornton International Business Report 2015, for example, shows that cyber attacks are estimated to have cost Asia Pacific businesses $81 billion in the preceding 12 months, while firms in both the EU and North America saw revenue losses just over $60 billion.

Cascading Effects

Cyber dependency is a global trend in a world where digital businesses reside in increasingly connected, smarter and more automated environments.

That means that an entity’s risk is increasingly tied to that of other entities, making it harder for any single party to fully protect itself. This raises “the odds of a cyber attack with potential cascading effects across the cyber ecosystem,” the report states.

Consider also the impact of other risks that can lend more fuel to the cyber-attack flames. “Chronic and resurgent violence, conflicts, and economic and social volatility will remain prominent features of the current and future reality,” the report notes. Such conditions only make it easier for bad actors to gain new recruits to conduct cyber-attacks, be they criminal or terrorist in nature.

Raise Your Defenses

The World Economic Forum’s 2015 Executive Opinion Survey, out of 140 global economies, 18 put cyber-attacks on their list of top three risks and eight consider them a risk of highest concern for doing business. These are Estonia, Germany, Japan, Malaysia, the Netherlands, Singapore, Switzerland, and the United States.

Growing awareness is a good thing, but improved readiness to face these attacks is even better. If there’s a happy ending to this scare story, it is that defenses can be improved, although organizations must first fully grasp the extent of their cyber-security risks and the investments required to better manage those risks and build resilience.

The Global Risks report recommends actions that businesses can take to better defend themselves, such as:

Fostering greater cooperation throughout their value chains
Sharing cyber breach data with law enforcement
Building up security for under-protected areas like machine-to-machine connections
It’s unlikely that every organization can prevent every cyber attack, but companies should emphasize methods to identify and effectively mitigate them by streamlining mechanisms for:

Early detection
Response and recovery
Rapid mitigation
Better manage the consequences
That sounds like a good plan to us, and hopefully it’s one that organizations of every stripe will waste no time putting into action.

National Computer Security Day: Is Your Business Protected?

We all use computers for something in our lives, but for businesses that rely on them, National Computer Security Day is a great reminder to review the security measures you have in place. We’ve discussed in several posts how important it is for your business to keep your security measures up-to-date, but in honor of the holiday,  we are going to focus on the different areas of security that might be at risk and how to best keep them safe.

Email
Your email systems can be at risk for a number of reasons. If the server fails, you might not be able to access important information, and if any emails contain sensitive information, that information could be obtained by hackers.  There is also the age-old scam where people send viruses through email. Having a good email security system in place will make sure that emails containing questionable content will be blocked and quarantined. It will also ensure that your emails are backed up for easy access in case of emergency. You and your employees, with the right protection, are able to enjoy inboxes that are spam-free, contain no unsafe content and are properly backed up.

Firewall
What are your security objectives? How much of a block do you want between your computer network and the outside world? Having a well-managed firewall lets you call the shots and ensures that your network is constantly being monitored. You can reference web-based reports at any time to identify any erratic behavior and address any issues.

VPN
If you have employees or clients who access your network remotely, you need your VPN to be secure. VPN security means that you can have people work from home without worrying, and that any data sent through the network will be encrypted so that it cannot be intercepted and obtained, avoiding any cyber-attacks.

Internet Policy
What types of websites would you like to allow your employees to access from the at-work network? Having a security system that enables internet-use management allows you to put filters on accessible URLs to avoid any legal issues or potential issues for your employees who might access dangerous sites. Some managers also employ internet policy management systems in order to boost workplace productivity.

Data Storage
Storing your business’s critical data in a place that is easily accessible, secure, and backed-up is imperative. Having a good managed security service means that your data will be backed-up on a regular basis, which reduces the amount of time it would take for your business to recover from a potential security threat, as well as the amount of time you’d be exposed to any risk. This is hugely important to have In place to ensure that your sensitive data is monitored and secure 24/7.

What steps is your business taking to avoid security threats? Are you using a managed security service? National Computer Security Day is the perfect time to make sure all of your security management efforts are up-to-date and that you have the right protection in place for your business. We offer a variety of managed security services and is always here to help you get started.

 

How to Protect your Business from Cyber Crimes

When you hear about major cyber crimes such as the Home Depot and Target security breaches, you probably can’t help but to worry about the security of your own business. Cyber criminals seek out sensitive data, and every business is at risk. But just like you put a security system on your home or an alarm on your car, you can put a metaphorical security fence around your business’s data, too.

The best way to protect yourself, of course, is to identify potential risks and combat them. Here are a few ways you can do that.

Issue: Crimeware. Also known as malware, these are essentially viruses that infiltrate your systems, compromising servers, desktops, and data.
Protection: Ensure you have installed up-to-date anti-virus and anti-malware programs, browsers, and firewalls. Block your systems from Java browser plugins and implement configuration-change monitoring.

Issue: Employee or insider abuse of privileges.
Protection: Require logins for every aspect of your data and keep track of these. Review user accounts so that you can identify abnormal behavior. Audit accounts regularly and monitor any data transfers that go outside of your organization.

Issue: Espionage – the infiltration and gathering of data from outsiders.
Protection: Ensure that all software is patched, especially in areas of weakness, and that anti-virus software is up-to-date.  Keep track of data analytics and train your employees to recognize abnormalities. Make use of secure cloud-based office phones and cloud-based servers to properly track network and application activity – this will help you to better identify inconsistencies.

Issue: POS intrusions, or the access of POS systems by outsiders.
Protection: Limit or ban the access of POS systems from third parties. Enforce the use of password access and keep track of all logins. Limit or prevent the use of POS systems to browse the web or perform any other non-work-related tasks.

Issue: Card skimmers, or the collection of credit card or other payment data. Once a customer has their card skimmed via your company’s data, it’s unlikely that they’ll trust payment with your company again.
Protection: Train employees to spot suspicious behavior and regularly inspect credit card swipers at any brick-and-mortar sale location. Install tamper-evident controls and safety measures such as mirrors on ATMs.

Issue: Other errors
Protection: Have a third-party company manage or maintain your cloud servers if your business doesn’t have the capacity to train your existing IT team. Encrypt all data. Stay on top of software or business system updates and keep all employees in the loop to avoid any application misuses or data breaches.