Key Takeaways
- Businesses can guard against advanced cybersecurity threats, starting with fundamentals such as updating software, properly using anti-malware tools, and training employees.
- Cybercriminals’ tactics are expanding, including the use of AI to create highly realistic fraudulent emails and scan millions of lines of computer code to exploit system vulnerabilities.
- Preventative measures such as using cybersecurity-centric AI, managed detection and response software, and endpoint detection and response software can help businesses become hardened targets.
- Employee training is critical to ensuring a safe environment, including teaching workers to verify email authenticity and detect fraudulent emails.
- Businesses should have a detailed cyber incident response plan in place, including coordinating advice from a cyber insurance company, attorney, managed service provider, and potentially a crisis PR team.
Introduction to Cybersecurity Threats
Businesses can leverage sophisticated tactics to guard against advanced cybersecurity threats. However, experts say that some businesses are still failing to address cybersecurity fundamentals, such as updating software, properly using anti-malware tools, and training employees to avoid being deceived by threat actors. The consequences of these failures can be severe: the FBI’s latest Internet Crime Report shows 2024 losses of more than $2.7 billion in the business email compromise category alone. Cybercriminals’ tactics have been expanding, and now include the use of AI to create highly realistic fraudulent emails and to scan millions of lines of computer code to exploit system vulnerabilities.
Preventative Measures
Businesses can become hardened targets by leveraging resources provided by cybersecurity managed service providers and using cybersecurity-centric AI to defensively scan their systems. Jeremy Pogue, director of security services at Cranbury-based Integris, notes that cybercriminals seek easier targets. He explains that cybersecurity is like camping in bear country, where you don’t have to outrun the bear, but rather outrun your friends. Unfortunately, there are many "slow friends" in the small business realm, and even basic security measures such as antivirus software can put a business ahead of others and mitigate a lot of risks. Antivirus software is not the only crucial measure; failure to use advanced system settings and other tools to secure Microsoft Office 365 and/or Google Workspace environments has been an issue for many businesses.
Specific Tactics
Additional recommended cybersecurity measures include managed detection and response software, endpoint detection and response software, and DNS filtering, which prevents employees from accessing unsafe websites. Other techniques include disabling USB ports on all company devices to prevent employees from introducing malware and/or maliciously extracting proprietary company data via USB drives. General cybersecurity best practices also include utilizing the "principle of least privilege," where users are granted only the minimum access and permissions needed to perform their required functions. This prevents, for example, an executive assistant from accessing or harming the company’s sensitive data. "Shadow IT" involves employees’ use of software, hardware, or cloud services within a company that is unknown and/or not approved by the IT department, and its use should be prevented via policies and procedures.
Employee Training
Workers must be alert to additional cybersecurity threats, and formal employee cybersecurity training is critical to ensuring a safe environment. This includes teaching workers to verify an email’s authenticity by, for example, telephoning the sender, learning to detect fraudulent emails overall, and generally becoming aware of human-related cyber threats that could compromise the company’s defenses. Experts say employees must know that many malicious emails are sent from accounts that are themselves compromised, meaning precautions should be taken with all incoming emails. Janice A. Mahlmann, CEO and chief information officer at Monmouth Junction-based August eTech, explains that employees often use unauthorized cloud products, which can easily compromise a company’s cyber defenses.
Dispersed Systems
Businesses should be aware that their own firewalls and other internal systems are no longer necessarily central to cybersecurity, since a great amount of data no longer resides in a proprietary data center but instead exists in Amazon Web Services (AWS), cloud infrastructure, and Software as a Service (SaaS) applications. This makes securing the accounts for these services, and many other types of accounts, crucial, as they can create openings for cybercriminals. Rosario Mastrogiacomo, chief strategy officer at Newark-based SPHERE, an identity hygiene company, notes that service accounts that have not had their passwords changed in years can be particularly vulnerable to cyber threats.
Incident Response Planning
Not all threats can necessarily be thwarted, so detailed cyber incident response planning is recommended, coordinating advice from a cyber insurance company, attorney, managed service provider, and potentially a crisis PR team. Integris’ Pogue explains that an incident response plan should have all the necessary information tied together, including contact information for key personnel and procedures for responding to a cyber incident. He notes that cyber incidents are not sprints, but marathons, and the average recovery time is in months, not hours. Therefore, businesses must figure out a way to ensure they can meet payroll and keep the business operating during the recovery period.


