Trending Now

Iran Tensions’ Global Trade Impact Revealed by Seized Ship…

New Articles

The Rising Risk of Cyber Crime in the Supply Chain

The Rising Risk of Cybercrime in the Supply Chain bank
Archives, Education, Global Logistics, Global Trade Daily

The Rising Risk of Cyber Crime in the Supply Chain

Leave a comment

Cybercriminals looking for an attractive target are increasingly setting their sights on the logistics sector. Fortunately, there are steps you can take to make your company—and your suppliers and third-party service providers—less vulnerable.

Mark Brown

In recent years, the logistics sector has become an increasingly tempting target for cybercriminals for a whole host of reasons. The first is that logistics is one of the most profitable industries worldwide and is an important part of the economy, making it a logical focus for criminals seeking to make a big disruptive impact. Second, although logistics is focused on the physical movement of goods, it also has a big digital footprint. The logistics component of today’s supply chain has come to rely on a significant volume of data processing and information sharing. For example, industry forms that were traditionally paper-based—such as invoices, export compliance certificates, and bills of lading—are now digital. Consequently, fleet operators are now sharing more data digitally with partners and vendors than ever before, which opens them up to more cyber risks. Finally, the cargo supply chain consists of many disparate parties that have varying levels of cybersecurity systems in place. This presents cybercriminals with an opportunity to identify and exploit the weak links in the network.

Given the rapidly evolving nature and the deep sophistication of cyberattacks today, it is vital that transport and logistics firms and their customers stay up to date on the cyber threat landscape. Doing so will help them better understand and defend against a wide range of existing and emerging cyber risks. Due to the interconnected nature of the supply chain, it is also crucial that they work with key suppliers and partners to ensure that best practices in cybersecurity are implemented throughout the network.

THREATS TO WATCH 

Some of the major cyber risks that have affected the transportation and logistics sector include ransomware, phishing, and sensor and industrial technology intercepts.

Ransomware: Ransomware is malware that prevents users from accessing their system until a ransom is paid. According to Cybersecurity Ventures, a cybersecurity research and publishing company, ransomware is one of the fastest-growing types of cybercrime and is expected to attack a business, consumer, or device every two seconds by 2031. The transportation and logistics sector has proven to be an especially attractive target for these attacks. In May 2021, the Colonial Pipeline attack disrupted jet fuel and gasoline supplies to large areas of the southeastern region of the U.S. Whilst the direct financial impact was the payment of a $4.4 million ransom, the indirect financial and socio-economic impacts to the associated supply chain were far greater. Further evidence of the significant financial and disruptive impact of a ransomware breach was shown in this year’s attack on the logistics service provider Expeditors. The crippling attack cost the company $40 million in charges on lost shipping opportunities and a further $20 million in investigation, recovery, and remediation expenses.

Phishing: Logistics and shipping companies are increasingly being targeted by phishing attacks. Phishing involves cybercriminals contacting target organizations by email (phishing), telephone (vishing), or text message (SMSishing), and posing as a legitimate person or organization. The aim of the attack is to lure the recipient into giving up sensitive data and passwords to illicitly access data for financial gain. A very pertinent example was during the pandemic when cybercriminals used phishing techniques to target the COVID-19 cold supply chain. The attack gained access to the low-temperature storage manufacturer Haier Biomedical’s network before using its own email system to distribute further phishing emails to partners involved in transporting the vaccine.

Other examples of phishing attacks specific to the sector are “bill of lading ransom” and “freight forwarding fraud.” In the case of a bill of lading ransom, cybercriminals pose as freight forwarders to negotiate with an unwitting client. Once goods are packed onto a ship or truck from the port of loading, the criminals then deny the release of the bill of lading until a ransom is paid. If the bill of lading is not released, it can cause severe supply chain delays and disruption. It can also cost companies thousands of dollars in losses, especially if goods in transport are no longer of good quality due to disruptions.

Freight forwarding fraud involves cybercriminals impersonating a legitimate freight forwarding company by essentially copying its website. The aim is to steal freight forwarding fees or make off with any cargo that falls into their possession. Such methods can also be referred to as “brandjacking” and are often used to directly tarnish a corporate brand’s reputation.

Sensor data and industrial technology intercepts: Transportation and logistics companies are increasingly relying on sensors and internet of things (IoT) devices to track and monitor cargo. However, many companies don’t treat their operational technology and IoT technology with the same level of care that they do their information technology, creating an opportunity for cybercriminals. For example, cyber thieves may seek to intercept communications between a logistics firm’s sensors and its IT systems, and then either sell the data to a competitor or use it to guide a physical attack on valuable supply chain shipments.

Protecting against such risks can be difficult due to the innate design of IoT devices. IoT devices are designed with ease of use in mind rather than security. For example, many of them leverage default user credentials (such as “admin”), which are easy to hack, creating cybersecurity vulnerabilities. Additionally, it is often easy to download product sheets for many IoT sensors that specify exactly how the sensor is designed and what security they do and do not have.

Furthermore, companies should be aware that malware attacks can spread from a company’s IT systems to its operational technology and IoT technologies. This was seen when the shipping giant Maersk was hit by a vicious malware called NotPetya in 2017. Although the malware attack initially infiltrated the company’s active directory systems, it spread to the operational technology and IoT technologies used at Maersk’s port facilities. As a result, Maersk’s entire logistics system was shut down.

Similarly, many operational technology (OT) systems, such as industrial controls, are often riddled with vulnerabilities. In a typical OT environment, reliability is the primary concern during the design process, and basic information security precautions are often overlooked. Furthermore, many OT systems are older legacy systems that were never designed to be operated remotely or connect to the internet. As a result, cybersecurity measures were not built into the system’s design.

FIGHTING AGAINST THE THREATS 

Cyberattacks can leave damaging effects on an organization. It is, therefore, essential for an organization to have protocols in place to mitigate these attacks. No matter how small or established the organization, if bad actors see an opportunity to infiltrate, they will. To mitigate the exposure to major cyber risks, supply chain executives should first make sure that their organizations are taking the following steps internally: educate employees about potential threats and how to protect themselves, update devices and software regularly, and create an effective remediation plan.

Educate employees. It’s helpful to teach employees to look out for specific threats, such as phishing emails or vishing calls, and flag them to the appropriate person. Employees are usually the first target when bad actors are trying to infiltrate a company’s network. Therefore, it is vital that organizations empower and equip their employees with the knowledge to serve as the first line of defense against potential cyberattacks.1

Update devices and software regularly. Most technology providers are constantly testing their products for any weaknesses and release patches or updates when they discover them. It’s essential then that companies update their devices and existing software applications on a regular basis. This ensures that devices and applications are not only better protected from attacks but also are operating efficiently. Operating from an outdated device and/or software application creates vulnerabilities and loopholes for bad actors to slip through and potentially compromise an entire network system. In addition to updating devices on a regular schedule, companies should also regulate what software and applications employees can download onto work devices. Restricting unauthorized software applications can help mitigate exposure to potential attacks.

Create a remediation process. Even the best-prepared organizations with the most robust training programs can experience a cybersecurity breach. For this reason, organizations need to draw up a plan, or remediation process, for how they should respond if a breach occurs or if they detect a weakness or flaw in their information system architecture. Additionally, organizations should periodically reflect on where and how they need to improve their cybersecurity measures.

ADDRESSING THIRD-PARTY SUPPLIER RISKS

In addition to the internal tactics described above, companies should also involve their external suppliers and partners in their cybersecurity programs. Given that so much of the cargo supply chain is outsourced, advancing third-party and supplier cybersecurity programs is paramount to protecting your own cybersecurity. Organizations need to ensure that the security measures that are important to them are also in place at their suppliers’ and providers’ organizations, otherwise they risk having their own security undermined by lax practices at their partners. To create strong, secure practices, companies need to work proactively with their suppliers before a breach occurs and build an open relationship with them to ensure communications are received in the right way.

In order to address third-party supplier risks, companies should:

  • Evaluate a potential supplier’s cybersecurity risk level. This evaluation needs to be part of the due diligence process that takes place during any third-party selection. Companies need to make sure that their supplier’s internal controls—or their policies and processes for managing external risks—are in line with their own internal controls. For example, if company A has a high standard for internal controls, but receives services and supplies from Company B, which has a low standard for internal controls, then Company A is now exposed to any potential risk because of Company B’s weak point.
  • Decide how you are going to communicate. You need to have a simple way to communicate with your supplier (and your supplier with you) if an incident happens. This could be a phone call, an email, or an instant reporting mechanism. Whatever mechanism you choose, it needs to work for both parties across the various channels.
  • Identify who is managing third-party suppliers and supply chains. Many organizations think of cybersecurity as an IT-only issue, but those stakeholders who are dealing with third-party suppliers also play a key role in preventing or mitigating cyber risk. These stakeholders need to be up to date on possible threats and need to know how strong a supplier’s cybersecurity program is. They also need to know whether their supplier is subcontracting with other suppliers or service providers and what the level of cyber risk those downstream suppliers hold.
  • Be transparent with your suppliers about your cybersecurity program. This transparency should include educating them about the purpose of your program and updating them as relevant on the purpose and risks being managed.
  • Define each supplier’s cybersecurity “risk tier” and the degree of care that they require. Many companies are now assigning their suppliers to risk tiers. A risk tier is based both on the criticality of the service or product that the supplier provides and on the supplier’s risk rating (or whether—based on the supplier’s internal cybersecurity controls—they are considered a high risk, a medium risk, or a low risk). That risk tiering then determines how much control or care you extend out to the supplier in terms of cybersecurity. For example, a supplier that provides a noncritical product or service and has a high level of internal cybersecurity controls would be placed in a low-risk tier. Your company would not need to extend its internal controls to the supplier’s external environment. However, if it’s a critical supplier with a low level of risk maturity, you  want to either consider looking for a new supplier or extend your own internal control mechanisms out to their operations. The most common mistake that many organizations make when evaluating a supplier’s risk tier is they base it on the value of spending rather than the criticality of the service that’s being provided or the sensitivity of the data that’s being shared. For example, you probably don’t spend a large amount of money on the agency that produces your annual report, but that company has access to very sensitive information and should be using rigorous cybersecurity measures.
  • Carry out an external cybersecurity “posture scan” of your suppliers. There are tools available that allow you to operate like a hacker and probe your suppliers’ systems to see how secure they are. These posture scans or probes help you determine whether your third-party suppliers are following security protocols.
  • Identify who your supplier’s suppliers are. One weak spot for a supplier can be other contracted organizations within its network. Therefore, it is important for you to review the context of these supply chain relationships and their potential impact on your organization.

BECOMING CYBER RESILIENT 

The past two years have proven the vital role that the transport and logistics industry plays in the overall economy. At the same time, the past two years have also shown the scale of the cyber threat facing the industry. These two factors mean that taking steps to defend IT systems against cyberattacks is crucially important.

Cybercriminals are becoming craftier as they create more sophisticated ways to infiltrate networks and steal data for financial gain. Therefore, organizations cannot simply focus on the technological aspects of cybersecurity by assessing potential vulnerabilities in IT systems, they must also take steps to address them through best-practice security and access controls. The impacts on business processes, products, employees, and customers alike must be understood to preserve the value chain, keep the global supply chain moving, and enable a position of cyber resilience.

cybersecurity
Archives, Banking, Global Trade Daily

3 Biggest Threats to a Bank’s Cybersecurity

Leave a comment

Our world is changing. It is undergoing rapid and massive digitization. It would be safe to claim that we have the global pandemic to blame for that. However, we believe that we would have gotten there anyway given the trajectory of our current technological advancements.

Education, various business processes一almost everything can already be done online these days. The world has passed a point of no return and will never go back to what it was pre-pandemic. What has been made digital will remain digital. While this new normal does offer a lot of conveniences, it also presented a new set of challenges, particularly in cybersecurity. And of all the industries that have gone online, it is probably the world of banking that we are most concerned for. What are the financial problems that these changes will pose?

In this article, we are going to talk about the biggest threats to cybersecurity in the banking sector. Let’s start with the most basic: unencrypted data.

Unencrypted Data

Data encryption is the process of converting data from a readable format into a decoded one. Various institutions usually have their own specific codes. In this way, no one would be able to easily read their data outside the firm, should their data fall into the wrong hands.

Think of data encryption as both the vanguard and the rear of cybersecurity. An effective encryption process can deter people with malicious intent. And if they ever get their hands on the said data, they would still have to try to decrypt it anyway before it can be of any use to them. These added security measures can be truly valuable for any financial institution.

Malware

The next imminent threat is malware. While we have no doubt that most financial institutions work with competent cybersecurity agencies in order to protect their devices from being hacked, it is also true that this might not include their staff.

A breach into a system is still possible through a compromised employee phone. All he needs to do is to connect to the office’s computer network and a hacker can already begin accessing compromising information.

The same thing can happen when you’re collaborating with a third-party service. We understand how convenient it is to employ a third-party service. It can potentially save time, money, and other resources.

However, it can also expose your financial institution to certain risks if your partner doesn’t have effective cybersecurity measures in place.

The best solution to prevent potential attacks in this manner remains to be adequate employee training. Make your staff aware of the very real (and billion-dollar) repercussions of a security breach.

It is also possible to limit the access of your employees. Just let them access the minimum data that they need in order to perform their tasks. This is for their own protection as well.

Finally, running comprehensive background checks and being particularly careful with the people you hire will also help. Just make sure that your checks remain compliant to prevent any issues.

As for business partners, one should never be afraid to ask about potential partners’ cybersecurity efforts.

Data Manipulation

Another big concern is data manipulation. There are three ways in how your data can be manipulated. First, it can be stolen, copied, and distributed elsewhere, much like how hackers are able to create realistic company pages for phishing. This is called spoofing.

Data can also be deleted. This is particularly true for bigger financial institutions with competing firms. An attacker might not really have the intention to steal information but to mess up the system by deleting crucial bits of data.

Can you imagine the panic that will ensue if a financial institution suddenly lost all its client information?

Finally, data can be edited without the owner’s knowledge. Despite the common belief that data-stealing is the worst cybersecurity attack that can happen, we still believe data alteration worse. That’s because this attack is a bit difficult to detect right away.

It’s easy for bigger companies to detect if their data has been stolen and being used with malicious intent. Data deletion is a complete giveaway. You will learn that an attack has happened right after it did. There’s even a chance of stopping it halfway if you’re lucky to catch it early enough.

What makes data alteration particularly detrimental is the fact that it can’t easily be detected. A firm can go on for months without even knowing that an attack has happened. After all, the manipulated data may look unaltered on the surface, but the truth is, hundreds (if not thousands) of micro edits have already been made. If the hacker succeeds, the financial institution may be held liable to pay millions of dollars in damages.

How Imminent Is the Threat?

The cybersecurity threats that we have mentioned above are just some of the most common ones that financial institutions globally are faced with every day. It’s just the tip of the iceberg. There are definitely other forms of cyberattacks out there, and even more, being developed by the minute.

According to Mark Whelan, a banking expert from the Australia and New Zealand Banking Group, cyberattacks are more prominent and brazen than ever before. It has even reached the point that they are receiving up to 10 million attacks in a month.

For him, this is the biggest threat that financial institutions are currently facing, and experts predict that it’s only going to get worse.

Final Thoughts

Indeed, it is a brave new world that we’re living in. The risks and threats that we are facing right now are so stark in contrast to what we have experienced in the past. Gone are the days of bank heists with guns blazing. Instead, the bigger threat is probably wearing a sweatshirt right now in a random room somewhere across the globe. The fact that you wouldn’t have to take such a risk on your life makes the prospect even more appealing.

This has led financial institutions to prioritize cybersecurity efforts and training. Fortunately, with adequate risk assessment and planning, we are confident that you will be able to prevent severe cyberattacks from happening.

_______________________________________________________________________

Jim Hughes is a content marketer who has significant experience covering technology, finance, economics, and business topics. At the moment, he is the Director of Content at OpenCashAdvance.com.

DDos
Archives, Global Trade Daily, Software

Why DDoS Attacks Are the Biggest Threat to Your Business in 2021

Leave a comment

In the 21st century, it’s hard to imagine functioning without technology. Just think of how many times a day you look at your phone or switch on your computer. When you need an answer, you turn to Google; when you want to relax, Netflix is there. In fact, it seems that the internet can take care of your every need — be it social, financial or recreational.

Unfortunately, though, technology isn’t just useful to you but also to those who want to harm you. As technology grows more advanced, hackers and cybercriminals obtain new and sophisticated tools to launch their DDoS attacks, threatening your safety. But what is a DDoS attack, and why is it so dangerous? Keep reading, and you’ll find out!

What Are DDoS Attacks?

DDoS stands for distributed denial of service, and it’s one of the most common tactics hackers use to bring down a server. To put it simply, they flood a network with so much traffic at once in order to overwhelm the server, and it crashes. To do this, hackers use a large group of compromised computers called a botnet.

Now, the problem is that anyone can become a part of a botnet without even realizing it. If your antivirus program isn’t up to date, or you visit unsafe sites, your computer can become infected by malware. Contrary to popular belief, malware doesn’t just corrupt your files or damage your device. In fact, hackers often use it to covertly gain control over your computer and use it for their malicious purposes.

An infected device works as usual, but you’re no longer in charge. The actual owner, the hacker, can order your device to start sending requests to a server of their choice, along with hundreds of other devices. Ultimately, that leads to a crash.

Of course, servers can crash when they gain a lot of traffic naturally. But that’s not a DDoS attack — DDoS always comes with malicious intent. The hacker who’s launching it rarely does so just for fun – they usually have rather serious motives.

Why Do Hackers Perform DDoS Attacks?

If you’re new to the world of cyberattacks and criminals, it might not be obvious what the purpose of DDoS is. What could a hacker gain from disrupting a server? Sadly, there’s no easy answer — the motives behind these attacks vary. Here are some of the most common reasons.

Financial Gain

Hackers often use DDoS attacks to target corporations and large businesses, knowing that they have high profits. Once they bring their servers down, they send a message asking for a ransom. The network stays under their control until they receive the sum they asked for, after which everything goes back to normal.

Ideology

Political and ideological wars are no longer waged out in the battlefield. These days, the real frontlines are in cyberspace. Whether it’s rebellious groups using hackers to protest against oppressive governments or those governments targeting protesters, DDoS attacks are commonly used in this type of warfare.

Gathering Information

If a large business handles lots of private information, it can easily become the target of a DDoS attack. In such a case, the attack serves as a distraction. While everyone is busy trying to resolve the problem, the hacker gains access to classified records and finds the information they need. The most sophisticated hackers leave very little trace, and no one even knows they were there.

Why Are DDoS Attacks Detrimental to Businesses?

Whatever the hackers’ motives may be, the most common DDoS attack targets are businesses. Large or small, they all face a similar danger as long as they are online. But how can a DDoS attack hurt your business, exactly?

Just imagine that a hacker attacks your company’s servers and brings them down for a few hours. The customers that would typically visit and purchase your products suddenly don’t have access to your site. New clients may be trying to visit your site too, but when they see that your website isn’t functional, they’re unlikely to return. In short, you can lose hundreds, if not thousands, of dollars as well as potential new clientele.

The longer your servers are down, the worse it gets. Soon enough, you’ll need to hire a team of experts to deal with your problem, which obviously won’t come cheap. On top of that, the hacker might ask for ransom, and after a few hours of losses, you’ll probably be more than willing to pay it.

But the worst damage you’ll suffer isn’t financial — it’s reputational. If your clients find out that your servers were hacked, they might have trouble trusting you with their personal information. No matter how loyal they were in the past, no one wants to believe their personal information is vulnerable. Soon enough, your pristine reputation will be tarnished, and not even by your own fault!

The only way to avoid this worst-case scenario is to put in place measures against DDoS attacks. That means you’ll need firewalls, antivirus software and perhaps even a special IT department to monitor your servers. It will surely cost you more, but in the long-run, you’ll be glad to have some peace of mind.

Protect Yourself Against DDoS Attacks

DDoS attacks are not child’s play — in fact, they have become the biggest threat to businesses in 2021. If anything, this threat will only get worse as our world becomes more digital. Don’t let yourself become a target; start looking into DDoS protection today. It’s the only way to ensure your customers’ safety and your company’s rise to success.

________________________________________________________________

MJ Shoer is SVP, Executive Director, CompTIA ISAO, at CompTIA, the Computing Technology Industry Association. CompTIA is the world’s leading tech association. Its mission is to advance the global technology industry. The CompTIA ISAO is an Information Sharing and Analysis Organization whose mission is to raise the cybersecurity resilience of the global tech industry. MJ has over 30 years’ experience in the IT industry, having founded and run an MSP for nearly 20 years before it was acquired as well as consulting with MSPs, SMBs and channel organizations.

cybersecurity
Archives, Global Trade Daily, Software, Special Reports

The Evolution of Cybersecurity

Leave a comment

Last year we saw cybercriminals seizing a massive business opportunity.

Our rapid shift to working from home due to COVID-19, plus heightened financial, political, social, and emotional stressors presented a perfect storm:

-The consumer-grade routers and electronics we use at home are inherently less secure than the centrally managed commercial-grade devices at our offices. 

-Many home networks are already compromised. In April 2020, BitSight found that 45% of companies had malware originating from an employee’s home network.      

-Social engineering hacks like phishing, vishing, and smishing thrive when victims are preoccupied or fearful. 

Our organizations became very vulnerable very suddenly, and bad actors did not hesitate to cash in. In March alone scammers ramped up COVID-related phishing scams by 667%. Overall, the FBI’s Internet Cybercrime Complaint Center (IC3) saw a 400% increase in reported cyberattacks in 2020. 

While the events of last year presented a unique scenario for all of us, the swift and aggressive response from bad actors is indicative of a trend that will, unfortunately, persist: cybercriminals have organized themselves into a successful enterprise that continues to innovate and evolve for maximum profit.

And that profit is sizable: According to a March 2020 study by Atlas VPN, cybercriminals bring in over $1.5 trillion per year in revenue—more than Facebook, Walmart, Apple, Tesla, and Microsoft combined.

Why does it matter?

Our only option when it comes to mitigating (not eliminating) the risk of a breach is to match ever-evolving threats with an ever-evolving security strategy.

Cyber defenses cannot be “set and forget” anymore; while antivirus software, firewalls, and active monitoring tools are essential components of that defense, they are no substitute for human vigilance. 

Not only that, but our concept of vigilance must recognize the potential for highly sophisticated cyber breaches that span weeks or even months. Instead of snatching valuable data in discrete intrusions, cybercriminals are siphoning it off via prolonged, methodical interactions with victims. One popular scam works like this: 

-The bad actor identifies who in your organization processes payments.

-They gain access to that person’s email account, generally through a standard phishing email.

-They monitor the email account over a period of time to identify high-dollar vendors.

-They craft a spoofed domain and impersonate that vendor (think accounting@optima1networks.com).

-The target receives an unassuming email from the “vendor” with instructions to remit future payments to a new account (guess whose).

-The target continues paying the fraudster until you or your vendor realizes the mistake.

These targeted exploits cost US victims roughly $1.7 billion in 2019, up 33% from 2018. 

Attacks like this harm your business in two ways: 

-Directly: In addition to funds stolen by a hacker, you may incur ransom payments, downtime while your data is recovered, and steep labor costs for emergency IT support. In the case of ransomware attacks, average downtime is 19 days, and costs to remediate average $730,000 for those who don’t pay the ransom, and $1.45MM for those who do.

-Indirectly: Your reputation takes a hit when news of a breach gets out (every state government requires some form of disclosure). Cybersecurity audits are becoming a popular precursor to business engagements and memberships, and 38% of businesses report losing customers because of real or perceived gaps in their cybersecurity posture.

While there will never be a silver bullet when it comes to cybersecurity, it’s imperative we adapt both our defenses and our mindset to best protect ourselves in this new landscape.

Our recommendations

More cybercriminals are entering the space, and they are more organized, disciplined, and persistent than ever. This means that our cybersecurity strategies must rise to meet this new challenge, and that what we used to view as “advanced” measures must now become our baseline.

At minimum, we recommend you implement the following:

1. Advanced Endpoint Protection on all machines accessing corporate data. Centralized anti-malware only checks for known virus definitions. Add Next Generation protection that uses Artificial Intelligence to flag all “unusual” behavior, and either kill the process or alert a Security Operations Center (SOC) to intervene.

2. Two-Factor Authentication (2FA). Strong passwords are no longer sufficient. Turn on two-factor authentication for any accounts and systems that don’t already have it. Check regularly to make sure all accounts are covered.  2FA makes it much harder for unauthorized users to gain access to your system even if they obtain your password.

3. Backup and recovery for all cloud apps. Most popular applications (like Microsoft 365) have some backup built-in, but in a limited capacity. Do you have sufficient retention policies? Would you be able to restore files encrypted or lost to malware? Protect your Microsoft 365 email, SharePoint, Teams, OneDrive, and other online apps with a supplemental cloud backup service.

4. Firewall with Intrusion Detection. An up-to-date firewall is a start, but we recommend also employing Intrusion Detection to monitor network traffic for potentially malicious behavior.

5. Security Awareness Training. In addition to annual training, continually feed your employees security tips, and continually test with phishing simulations. It is essential that security remains top-of-mind year-round.

There are several security frameworks like NIST, ISO, and CMMC that can provide structure to your security efforts even if you aren’t subject to compliance regulations. These can feel overwhelming to tackle, but the items above will get you well on your way to fulfilling the core requirements.

Beyond this, it’s critical to embrace the mindset that a network is only as secure as its users are vigilant and adaptive. The sophistication and sheer volume of today’s cyber threats demand that:

-Cybersecurity expenditures get their own line item in your annual budget.

-Your cybersecurity posture needs annual review as new threats are emerging all the time. 

Most importantly, you need a resource who is qualified to assess your specific business needs and construct a solution that coordinates the technical and human components of your cyber defense.

________________________________________________

Heinan Landa is the Founder and CEO of Optimal Networks, Inc., a globally ranked IT services firm, the creator of Law Firm Anywhere, a virtual desktop solution that helps attorneys work seamlessly and securely from anywhere, and author of The Modern Law Firm: How to Thrive in an Era of Rapid Technological Change. After earning his B.S. and M.S. in Electrical Engineering and Computer Science from Johns Hopkins University, Heinan went on to receive his MBA from The Wharton School of Business. Featured in Legal Management, Legal Times, Chief Executive, Inc. Magazine, Forbes, CIO, and with regular appearances on ABC7, CBS9, and FOX5 TV, Heinan is a trusted leader in the legal, technology, and business spaces. For more, www.optimalnetworks.com, 240-499-7900, or hlanda@optimalnetworks.com.